This section introduces readers to OpenStack Networking (v2) API, provides guidelines on how to use it, and describes common features available to users throughout all Networking APIs.
The Networking API v2.0 is a RESTful HTTP service that uses all aspects of the
HTTP protocol including methods, URIs, media types, response codes, and so on.
Providers can use existing features of the protocol including caching,
persistent connections, and content compression. For example, providers who
employ a caching layer can respond with a
203
code instead of a
200
code
when a request is served from the cache. Additionally, providers can offer support
for conditional
GET
requests by using ETags, or they may send a redirect in
response to a
GET
request. Create clients so that these differences are
accounted for.
The Networking API v2.0 uses the OpenStack Identity service
as the default authentication
service. When Keystone is enabled, users that submit requests to the OpenStack
Networking service must provide an authentication token in
X-Auth-Token
request header. You obtain the token by authenticating to the Keystone
endpoint.
When Keystone is enabled, the
project_id
attribute is not required in create
requests because the project ID is derived from the authentication token.
NOTE: Currently the Networking API accepts the deprecated
tenant_id
attribute for the project ID for backward compatibility.
The default authorization settings allow only administrative users to create resources on behalf of a different project.
OpenStack Networking uses information received from Keystone to authorize user requests. OpenStack Networking handles the following types of authorization policies:
The actual authorization policies enforced in OpenStack Networking might vary from deployment to deployment.
The Networking API v2.0 supports JSON data serialization request and response formats only.
The Networking API v2.0 only accepts requests with the JSON data serialization
format. The
Content-Type
header is ignored.
Starting with the Newton release of the Networking service, the Networking API
accepts the
project_id
attribute in addition to the
tenant_id
attribute
in requests. The
tenant_id
attribute is accepted for backward compatibility.
If both the
project_id
and the
tenant_id
attribute are provided in the
same request, their values must be identical.
To determine whether a Networking API v2.0 endpoint supports the
project_id
attribute in requests, check that the
project-id
API extension is enabled
(see Extensions
).
The Networking API v2.0 always responds with the JSON data serialization
format. The
Accept
header is ignored.
Query extension
A
.json
extension can be added to the request URI. For example, the
.json
extension in the following requests are equivalent:
Starting with the Newton release of the Networking service, the Networking API
returns a
project_id
attribute in responses, while still returning a
tenant_id
attribute for backward compatibility. The values will always be
identical.
To determine whether a Networking API v2.0 endpoint returns the
project_id
attribute in responses, check that the
project-id
API extension is enabled
(see Extensions
).
The Networking API v2.0 supports filtering based on all top level attributes of a resource. Filters are applicable to all list requests.
For example, the following request returns all networks named
foobar
:
GET /v2.0/networks?name=foobar
When you specify multiple filters using different fields, the Networking API v2.0 returns only objects that meet all filtering criteria. The operation applies an AND condition among different filter fields.
OpenStack Networking offers an OR mechanism for filters by repeating the field
with the different OR criteria. For example, to find all networks named
foobar
OR
bizbaz
:
GET /v2.0/networks?name=foobar &name=bizbaz
ORs and ANDs can be combined. For example, if you want all networks with
admin_state_up=True and shared=True and named
foobar
or
bizbaz
:
GET /v2.0/networks?name=foobar &name=bizbaz &admin_state_up=True &shared=True
Starting from Rocky release, the Networking API might support filtering
attributes with empty value. For example, the request below lists all ports
that have
device_id
attribute with empty value (which are unbound ports).
GET /v2.0/networks?device_id=
To determine if this feature is supported, a user can check whether the
empty-string-filtering
extension API is available.
Starting from Rocky release, the Networking API will perform validation
on filtering attributes if the API extension
filter-validation
is
available. If an API request contains an unknown or unsupported
parameter, the server will return a
400
response instead of silently
ignoring the invalid input.
By default, OpenStack Networking returns all attributes for any show or list
call. The Networking API v2.0 has a mechanism to limit the set of attributes
returned. For example, return
id
.
You can use the
fields
query parameter to control the attributes returned
from the Networking API v2.0.
For example, the following request returns only
id
and
name
for each
network:
GET /v2.0/networks.json?fields=id &fields=name
The Networking API v2.0 presents a logical model of network connectivity consisting of networks, ports, and subnets. It is up to the OpenStack Networking plug-in to communicate with the underlying infrastructure to ensure packet forwarding is consistent with the logical model. A plug-in might perform these operations asynchronously.
When an API client modifies the logical model by issuing an HTTP
POST
,
PUT
, or
DELETE
request, the API call might return before the plug-in
modifies underlying virtual and physical switching devices. However, an API
client is guaranteed that all subsequent API calls properly reflect the changed
logical model.
For example, if a client issues an HTTP
PUT
request to set the attachment
for a port, there is no guarantee that packets sent by the interface named in
the attachment are forwarded immediately when the HTTP call returns. However,
it is guaranteed that a subsequent HTTP
GET
request to view the attachment
on that port returns the new attachment value.
You can use the
status
attribute with the network and port resources to
determine whether the OpenStack Networking plug-in has successfully completed
the configuration of the resource.
The Networking API v2.0 enables you to create several objects of the same type in the same API request. Bulk create operations use exactly the same API syntax as single create operations except that you specify a list of objects rather than a single object in the request body.
Bulk operations are always performed atomically, meaning that either all or none of the objects in the request body are created. If a particular plug-in does not support atomic operations, the Networking API v2.0 emulates the atomic behavior so that users can expect the same behavior regardless of the particular plug-in running in the background.
OpenStack Networking might be deployed without support for bulk operations and
when the client attempts a bulk create operation, a
400
Bad request error is
returned.
To reduce load on the service, list operations will return a maximum number of
items at a time. To navigate the collection, the parameters
limit
,
marker
and
page_reverse
can be set in the URI. For example:
?limit=100 &marker=1234 &page_reverse=False
The
marker
parameter is the ID of the last item in the previous list. The
limit
parameter sets the page size. The
page_reverse
parameter sets
the page direction. These parameters are optional. If the client requests a
limit beyond the maximum limit configured by the deployment, the server returns
the maximum limit number of items.
For convenience, list responses contain atom
next
links and
previous
links. The last page in the list requested with
page_reverse=False
will not
contain
next
link, and the last page in the list requested with
page_reverse=True
will not contain
previous
link. The following examples
illustrate two pages with three items. The first page was retrieved through:
GET http://127.0.0.1:9696/v2.0/networks.json?limit=2
Pagination is an optional feature of OpenStack Networking API, and it might be disabled. If pagination is disabled, the pagination parameters will be ignored and return all the items.
If a particular plug-in does not support pagination operations, and pagination is enabled, the Networking API v2.0 will emulate the pagination behavior so that users can expect the same behavior regardless of the particular plug-in running in the background.
To determine if pagination is supported, a user can check whether the ‘pagination’ extension API is available.
Example Network collection, first page: JSON request
GET /v2.0/networks.json?limit=2 HTTP/1.1
Host: 127.0.0.1:9696
Content-Type: application/json
Accept: application/json
Example Network collection, first page: JSON response
{
"networks "
:
[
{
"admin_state_up "
:
true
,
"id "
:
"396f12f8-521e-4b91-8e21-2e003500433a "
,
"name "
:
"net3 "
,
"provider:network_type "
:
"vlan "
,
"provider:physical_network "
:
"physnet1 "
,
"provider:segmentation_id "
:
1002
,
"router:external "
:
false
,
"shared "
:
false
,
"status "
:
"ACTIVE "
,
"subnets "
:
[],
"tenant_id "
:
"20bd52ff3e1b40039c312395b04683cf "
"project_id "
:
"20bd52ff3e1b40039c312395b04683cf "
},
{
"admin_state_up "
:
true
,
"id "
:
"71c1e68c-171a-4aa2-aca5-50ea153a3718 "
,
"name "
:
"net2 "
,
"provider:network_type "
:
"vlan "
,
"provider:physical_network "
:
"physnet1 "
,
"provider:segmentation_id "
:
1001
,
"router:external "
:
false
,
"shared "
:
false
,
"status "
:
"ACTIVE "
,
"subnets "
:
[],
"tenant_id "
:
"20bd52ff3e1b40039c312395b04683cf "
"project_id "
:
"20bd52ff3e1b40039c312395b04683cf "
}
],
"networks_links "
:
[
{
"href "
:
"http://127.0.0.1:9696/v2.0/networks.json?limit=2 &marker=71c1e68c-171a-4aa2-aca5-50ea153a3718 "
,
"rel "
:
"next "
},
{
"href "
:
"http://127.0.0.1:9696/v2.0/networks.json?limit=2 &marker=396f12f8-521e-4b91-8e21-2e003500433a &page_reverse=True "
,
"rel "
:
"previous "
}
]
}
The last page won’t show the
next
links
Example Network collection, last page: JSON request
GET /v2.0/networks.json?limit=2 &marker=71c1e68c-171a-4aa2-aca5-50ea153a3718 HTTP/1.1
Host: 127.0.0.1:9696
Content-Type: application/json
Accept: application/json
Example Network collection, last page: JSON response
{
"networks "
:
[
{
"admin_state_up "
:
true
,
"id "
:
"b3680498-03da-4691-896f-ef9ee1d856a7 "
,
"name "
:
"net1 "
,
"provider:network_type "
:
"vlan "
,
"provider:physical_network "
:
"physnet1 "
,
"provider:segmentation_id "
:
1000
,
"router:external "
:
false
,
"shared "
:
false
,
"status "
:
"ACTIVE "
,
"subnets "
:
[],
"tenant_id "
:
"c05140b3dc7c4555afff9fab6b58edc2 "
"project_id "
:
"c05140b3dc7c4555afff9fab6b58edc2 "
}
],
"networks_links "
:
[
{
"href "
:
"http://127.0.0.1:9696/v2.0/networks.json?limit=2 &marker=b3680498-03da-4691-896f-ef9ee1d856a7 &page_reverse=True "
,
"rel "
:
"previous "
}
]
}
You can use the
sort_key
and
sort_dir
parameters to sort the
results of list operations. Currently sorting does not work with extended
attributes of resource. The
sort_key
and
sort_dir
can be repeated,
and the number of
sort_key
and
sort_dir
provided must be same. The
sort_dir
parameter indicates in which direction to sort. Acceptable
values are
asc
(ascending) and
desc
(descending).
Sorting is optional feature of OpenStack Networking API, and it might be disabled. If sorting is disabled, the sorting parameters are ignored.
If a particular plug-in does not support sorting operations and sorting is enabled, the Networking API v2.0 emulates the sorting behavior so that users can expect the same behavior regardless of the particular plug-in that runs in the background.
To determine if sorting is supported, a user can check whether the ‘sorting’ extension API is available.
Starting from Rocky release, the Networking API performs validation on
sorting attributes if the API extension
sort-key-validation
is available.
If an API request contains an unknown or unsupported sort key,
the server will return a
400
response instead of silently ignoring
the invalid input.
The Networking API v2.0 is extensible.
The purpose of Networking API v2.0 extensions is to:
To programmatically determine which extensions are available, issue a
GET
request on the
v2.0/extensions
URI.
To query extensions individually by unique alias, issue a
GET
request on
the
/v2.0/extensions/*alias_name*
URI. Use this method to easily
determine if an extension is available. If the extension is not available, a
404
Not
Found
response is returned.
You can extend existing core API resources with new actions or extra attributes. Also, you can add new resources as extensions. Extensions usually have tags that prevent conflicts with other extensions that define attributes or resources with the same names, and with core resources and attributes. Because an extension might not be supported by all plug-ins, the availability of an extension varies with deployments and the specific plug-in in use.
The Networking API v2.0 returns an error response if a failure occurs while
processing a request. OpenStack Networking uses only standard HTTP error codes.
4nn
errors indicate problems in the particular request being sent from
the client.
| Error | Description |
|---|---|
400
|
Bad request Malformed request URI or body requested admin state invalid Invalid values entered Bulk operations disallowed Validation failed Method not allowed for request body (such as trying to update attributes that can be specified at create-time only) |
404
|
Not Found Non existent URI Resource not found |
409
|
Conflict Port configured on network IP allocated on subnet Conflicting IP allocation pools for subnet |
412
|
Precondition failed The revision number is mismatched |
500
|
Internal server error Internal OpenStack Networking error |
503
|
Service unavailable Failure in Mac address generation |
Users submitting requests to the Networking API v2.0 might also receive the following errors:
401
Unauthorized
- If invalid credentials are provided.
403
Forbidden
- If the user cannot access a specific resource or perform
the requested operation.
The
Resource
revision
numbers
extension (
standard-attr-revisions
) adds
the
revision_number
attribute to all API resources that support standard
attributes. This includes networks, ports, subnets, subnet pools, floating IPs,
routers, logs, security groups/rules, network segments, QoS policies and trunks.
As you’d expect, the
revision_number
indicates the number of updates a
particular resource has undergone and is read-only.
In addition, the
If-Match
constraints
based
on
revision_number
extension
(
revision-if-match
) allows API consumers to leverage the
If-Match
HTTP
header to conditionally update/delete a resource when the HTTP
If-Match
header matches the
revision_number
of the said resource.
If the HTTP
If-Match
header doesn’t match the
revision_number
of the
resource, users will receive the following errors:
412
Precondition
failed
- Update/Delete the target resource has been
denied due to the mismatch of revision number.
Lists information for all Networking API versions.
Lists information about all Networking API versions.
Normal response codes: 200
| Name | In | Type | Description |
|---|---|---|---|
| versions | body | array | List of versions. |
| status | body | string |
Status of the API, which can be
CURRENT
,
STABLE
or
DEPRECATED
.
|
| id | body | string | Version of the API. |
| links | body | array | List of version links. Each link is a dict with ‘href’ and ‘rel’. |
| href | body | string | Link to the API. |
| rel | body | string | Relationship of link with the version. |
{
"versions "
:
[
{
"status "
:
"CURRENT "
,
"id "
:
"v2.0 "
,
"links "
:
[
{
"href "
:
"http://23.253.228.211:9696/v2.0 "
,
"rel "
:
"self "
}
]
}
]
}
Shows details for Networking API v2.0.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| resources | body | array | List of resource objects. |
| name | body | string | Name of the resource. |
| collection | body | string | Collection name of the resource. |
| links | body | array | List of links related to the resource. Each link is a dict with ‘href’ and ‘rel’. |
| href | body | string | Link to the resource. |
| rel | body | string | Relationship between link and the resource. |
{
"resources "
:
[
{
"links "
:
[
{
"href "
:
"http://23.253.228.211:9696/v2.0/subnets "
,
"rel "
:
"self "
}
],
"name "
:
"subnet "
,
"collection "
:
"subnets "
},
{
"links "
:
[
{
"href "
:
"http://23.253.228.211:9696/v2.0/networks "
,
"rel "
:
"self "
}
],
"name "
:
"network "
,
"collection "
:
"networks "
},
{
"links "
:
[
{
"href "
:
"http://23.253.228.211:9696/v2.0/ports "
,
"rel "
:
"self "
}
],
"name "
:
"port "
,
"collection "
:
"ports "
}
]
}
Extensions introduce features and vendor-specific functionality to the API.
Lists available extensions.
Lists available Networking API v2.0 extensions and shows details for an extension.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| extensions | body | array |
A list of
extension
objects.
|
| name | body | string | Human-readable name of the resource. |
| links | body | array | List of links related to the extension. |
| alias | body | string | The alias for the extension. For example “quotas” or “security-group”. |
| updated | body | string | The date and timestamp when the extension was last updated. |
| description | body | string | The human-readable description for the resource. |
{
"extensions "
:
[
{
"updated "
:
"2013-01-20T00:00:00-00:00 "
,
"name "
:
"Neutron Service Type Management "
,
"links "
:
[],
"alias "
:
"service-type "
,
"description "
:
"API for retrieving service providers for Neutron advanced services "
},
{
"updated "
:
"2012-10-05T10:00:00-00:00 "
,
"name "
:
"security-group "
,
"links "
:
[],
"alias "
:
"security-group "
,
"description "
:
"The security groups extension."
},
{
"updated "
:
"2013-02-07T10:00:00-00:00 "
,
"name "
:
"L3 Agent Scheduler "
,
"links "
:
[],
"alias "
:
"l3_agent_scheduler "
,
"description "
:
"Schedule routers among l3 agents "
},
{
"updated "
:
"2013-02-07T10:00:00-00:00 "
,
"name "
:
"Loadbalancer Agent Scheduler "
,
"links "
:
[],
"alias "
:
"lbaas_agent_scheduler "
,
"description "
:
"Schedule pools among lbaas agents "
},
{
"updated "
:
"2013-03-28T10:00:00-00:00 "
,
"name "
:
"Neutron L3 Configurable external gateway mode "
,
"links "
:
[],
"alias "
:
"ext-gw-mode "
,
"description "
:
"Extension of the router abstraction for specifying whether SNAT should occur on the external gateway "
},
{
"updated "
:
"2014-02-03T10:00:00-00:00 "
,
"name "
:
"Port Binding "
,
"links "
:
[],
"alias "
:
"binding "
,
"description "
:
"Expose port bindings of a virtual port to external application "
},
{
"updated "
:
"2012-09-07T10:00:00-00:00 "
,
"name "
:
"Provider Network "
,
"links "
:
[],
"alias "
:
"provider "
,
"description "
:
"Expose mapping of virtual networks to physical networks "
},
{
"updated "
:
"2013-02-03T10:00:00-00:00 "
,
"name "
:
"agent "
,
"links "
:
[],
"alias "
:
"agent "
,
"description "
:
"The agent management extension."
},
{
"updated "
:
"2012-07-29T10:00:00-00:00 "
,
"name "
:
"Quota management support "
,
"links "
:
[],
"alias "
:
"quotas "
,
"description "
:
"Expose functions for quotas management per tenant "
},
{
"updated "
:
"2013-02-07T10:00:00-00:00 "
,
"name "
:
"DHCP Agent Scheduler "
,
"links "
:
[],
"alias "
:
"dhcp_agent_scheduler "
,
"description "
:
"Schedule networks among dhcp agents "
},
{
"updated "
:
"2013-06-27T10:00:00-00:00 "
,
"name "
:
"Multi Provider Network "
,
"links "
:
[],
"alias "
:
"multi-provider "
,
"description "
:
"Expose mapping of virtual networks to multiple physical networks "
},
{
"updated "
:
"2013-01-14T10:00:00-00:00 "
,
"name "
:
"Neutron external network "
,
"links "
:
[],
"alias "
:
"external-net "
,
"description "
:
"Adds external network attribute to network resource."
},
{
"updated "
:
"2012-07-20T10:00:00-00:00 "
,
"name "
:
"Neutron L3 Router "
,
"links "
:
[],
"alias "
:
"router "
,
"description "
:
"Router abstraction for basic L3 forwarding between L2 Neutron networks and access to external networks via a NAT gateway."
},
{
"updated "
:
"2013-07-23T10:00:00-00:00 "
,
"name "
:
"Allowed Address Pairs "
,
"links "
:
[],
"alias "
:
"allowed-address-pairs "
,
"description "
:
"Provides allowed address pairs "
},
{
"updated "
:
"2013-03-17T12:00:00-00:00 "
,
"name "
:
"Neutron Extra DHCP opts "
,
"links "
:
[],
"alias "
:
"extra_dhcp_opt "
,
"description "
:
"Extra options configuration for DHCP. For example PXE boot options to DHCP clients can be specified (e.g. tftp-server, server-ip-address, bootfile-name)"
},
{
"updated "
:
"2012-10-07T10:00:00-00:00 "
,
"name "
:
"LoadBalancing service "
,
"links "
:
[],
"alias "
:
"lbaas "
,
"description "
:
"Extension for LoadBalancing service "
},
{
"updated "
:
"2013-02-01T10:00:00-00:00 "
,
"name "
:
"Neutron Extra Route "
,
"links "
:
[],
"alias "
:
"extraroute "
,
"description "
:
"Extra routes configuration for L3 router "
},
{
"updated "
:
"2016-01-24T10:00:00-00:00 "
,
"name "
:
"Neutron Port Data Plane Status "
,
"links "
:
[],
"alias "
:
"data-plane-status "
,
"description "
:
"Status of the underlying data plane."
}
]
}
Shows details for an extension, by alias. The response shows the extension name and its alias. To show details for an extension, you specify the alias.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| alias | path | string | The alias of an extension. |
| Name | In | Type | Description |
|---|---|---|---|
| extension | body | object |
An
extension
object.
|
| name | body | string | Human-readable name of the resource. |
| links | body | array | List of links related to the extension. |
| alias | body | string | The alias for the extension. For example “quotas” or “security-group”. |
| updated | body | string | The date and timestamp when the extension was last updated. |
| description | body | string | The human-readable description for the resource. |
{
"extension "
:
{
"updated "
:
"2013-02-03T10:00:00-00:00 "
,
"name "
:
"agent "
,
"links "
:
[],
"alias "
:
"agent "
,
"description "
:
"The agent management extension."
}
}
Lists, shows details for, creates, updates, and deletes networks.
The
address-scope
extension adds the
ipv4_address_scope
and
ipv6_address_scope
attributes to networks.
ipv4_address_scope
is the ID of the IPv4 address scope that the network is associated with.
ipv6_address_scope
is the ID of the IPv6 address scope that the network
is associated with.
The
auto-allocated-topology
extension adds the
is_default
boolean
attribute to networks. This value indicates the network should be used when
auto allocating topologies.
The
dns-integration
extension adds the
dns_domain
attribute to networks.
The
dns_domain
of a network in conjunction with the
dns_name
attribute
of its ports will be published in an external DNS service when Neutron is
configured to integrate with such a service.
The
external-net
extension adds the
router:external
attribute to
networks. This boolean attribute indicates the network has an external
routing facility that’s not managed by the networking service.
The
floatingip-autodelete-internal
shim extension signals that the
update of a network’s
router:external
attribute from
true
to
false
autodeletes the unused Floating IPs of that network.
The
l2_adjacency
extension provides display of L2 Adjacency
for
networks
by adding the read-only
l2_adjacency
attribute.
This is a boolean value where
true
means that you can expect
L2 connectivity throughout the Network and
false
means that there
is no guarantee of L2 connectivity.
This value is read-only and is derived from the current state of
segments
within the
network
.
The
net-mtu
extension allows plug-ins to expose the MTU that is guaranteed
to pass through the data path of the segments in the network. This extension
introduces a read-only
mtu
attribute.
A newer
net-mtu-writable
extension enhances
net-mtu
in that now the
mtu
attribute is available for write (both when creating as well as
updating networks).
The
multi-provider
extension allows administrative users to define multiple
physical bindings for a logical network.
To define multiple physical bindings for a network, include a
segments
list
in the request body of network creation request. Each element in the
segments
list has the same structure as the provider network
attributes. These attributes are
provider:network_type
,
provider:physical_network
, and
provider:segmentation_id
. The same
validation rules are applied to each element in the
segments
list.
Note that you cannot use the provider extension and the multiple provider extension for a single logical network.
The
network_availability_zone
extension provides support of availability
zone for networks, exposing
availability_zone_hints
and
availability_zones
attributes.
The
port-security
extension adds the
port_security_enabled
boolean
attribute to networks. At the network level,
port_security_enabled
defines the default value for new ports attached to the network; they will
inherit the value of their network’s
port_security_enabled
unless
explicitly set on the port itself. While the default value for
port_security_enabled
is
true
, this can be changed by updating the
respective network. Note that changing a value of
port_security_enabled
on a network, does not cascade the value to ports attached to the network.
The
provider
extension allows administrative users to define a physical
binding of a logical network. This extension provides three additional
attributes:
provider:network_type
,
provider:physical_network
and
provider:segmentation_id
. The validation rules for these attributes
vary across
provider:network_type
. For example,
vlan
and
flat
network types require
provider:physical_network
attribute, but
vxlan
network type does not.
Most Networking plug-ins (e.g. ML2 Plugin) and drivers do not support updating any provider related attributes. Check your plug-in whether it supports updating.
The
QoS
extension (
qos
) makes it possible to
define QoS policies and associate these to the networks by introducing the
qos_policy_id
attribute. The policies should be created before they are
associated to the networks.
The
standard-attr-timestamp
extension adds the
created_at
and
updated_at
attributes to all resources that have standard attributes.
The
standard-attr-tag
adds Tag support for resources with
standard attributes by adding the
tags
attribute
allowing consumers to associate tags with resources.
The
vlan-transparent
extension enables plug-ins that support VLAN
transparency to deliver VLAN transparent trunk networks.
This extension introduces a
vlan_transparent
attribute to control
the VLAN transparency of the network. If the service does not support VLAN
transparency and a user requests a VLAN transparent network,
the plug-in refuses to create one and returns an appropriate error to the user.
Shows details for a network.
Use the
fields
query parameter to control which fields are
returned in the response body. For information, see Filtering and
Column Selection
.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| network_id | path | string | The ID of the network. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| network | body | object |
A
network
object.
|
| admin_state_up | body | boolean |
The administrative state of the network, which is
up (
true
) or down (
false
).
|
| availability_zone_hints | body | array | The availability zone candidate for the network. |
| availability_zones | body | array | The availability zone for the network. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| dns_domain | body | string | A valid DNS domain. |
| id | body | string | The ID of the network. |
| ipv4_address_scope | body | string | The ID of the IPv4 address scope that the network is associated with. |
| ipv6_address_scope | body | string | The ID of the IPv6 address scope that the network is associated with. |
| l2_adjacency | body | boolean |
Indicates whether L2 connectivity is available throughout
the
network
.
|
| mtu | body | integer | The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6. |
| name | body | string | Human-readable name of the network. |
| port_security_enabled | body | boolean |
The port security status of the network. Valid values are
enabled (
true
) and disabled (
false
).
This value is used as the default value of
port_security_enabled
field of a newly created port.
|
| project_id | body | string | The ID of the project. |
| provider:network_type | body | string |
The type of physical network that this network is mapped to.
For example,
flat
,
vlan
,
vxlan
, or
gre
.
Valid values depend on a networking back-end.
|
| provider:physical_network | body | string | The physical network where this network/segment is implemented. |
| provider:segmentation_id | body | integer |
The ID of the isolated segment on the physical network.
The
network_type
attribute defines the segmentation model.
For example, if the
network_type
value is vlan, this ID is a vlan
identifier. If the
network_type
value is gre, this ID is a gre key.
|
| qos_policy_id | body | string | The ID of the QoS policy associated with the network. |
| revision_number | body | integer | The revision number of the resource. |
| router:external | body | boolean |
Indicates whether the network has an external routing facility that’s not
managed by the networking service. If the network is updated from external
to internal the unused floating IPs of this network are automatically
deleted when extension
floatingip-autodelete-internal
is present.
|
| segments | body | array |
A list of provider
segment
objects.
|
| shared | body | boolean | Indicates whether this network is shared across all tenants. By default, only administrative users can change this value. |
| status | body | string |
The network status. Values are
ACTIVE
,
DOWN
,
BUILD
or
ERROR
.
|
| subnets | body | array | The associated subnets. |
| tenant_id | body | string | The ID of the project. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| vlan_transparent | body | boolean |
Indicates the VLAN transparency mode of the network, which is
VLAN transparent (
true
) or not VLAN transparent (
false
).
|
| description | body | string | A human-readable description for the resource. |
| is_default | body | boolean | The network is default pool or not. |
| tags | body | array | The list of tags on the resource. |
{
"network "
:
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2016-03-08T20:19:41 "
,
"dns_domain "
:
"my-domain.org."
,
"id "
:
"d32019d3-bc6e-4319-9c1d-6722fc136a22 "
,
"ipv4_address_scope "
:
null
,
"ipv6_address_scope "
:
null
,
"l2_adjacency "
:
false
,
"mtu "
:
1500
,
"name "
:
"private-network "
,
"port_security_enabled "
:
true
,
"project_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"qos_policy_id "
:
"6a8454ade84346f59e8d40665f878b2e "
,
"revision_number "
:
1
,
"router:external "
:
false
,
"shared "
:
true
,
"status "
:
"ACTIVE "
,
"subnets "
:
[
"54d6f61d-db07-451c-9ab3-b9609b6b6f0b "
],
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"vlan_transparent "
:
false
,
"description "
:
""
,
"is_default "
:
true
}
}
{
"network "
:
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2016-03-08T20:19:41 "
,
"dns_domain "
:
"my-domain.org."
,
"id "
:
"d32019d3-bc6e-4319-9c1d-6722fc136a22 "
,
"ipv4_address_scope "
:
null
,
"ipv6_address_scope "
:
null
,
"l2_adjacency "
:
false
,
"mtu "
:
1500
,
"name "
:
"private-network "
,
"port_security_enabled "
:
true
,
"project_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"provider:network_type "
:
"local "
,
"provider:physical_network "
:
null
,
"provider:segmentation_id "
:
null
,
"qos_policy_id "
:
"6a8454ade84346f59e8d40665f878b2e "
,
"revision_number "
:
1
,
"router:external "
:
false
,
"shared "
:
true
,
"status "
:
"ACTIVE "
,
"subnets "
:
[
"54d6f61d-db07-451c-9ab3-b9609b6b6f0b "
],
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"vlan_transparent "
:
false
,
"description "
:
""
,
"is_default "
:
true
}
}
{
"network "
:
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2016-03-08T20:19:41 "
,
"dns_domain "
:
"my-domain.org."
,
"id "
:
"4e8e5957-649f-477b-9e5b-f1f75b21c03c "
,
"ipv4_address_scope "
:
null
,
"ipv6_address_scope "
:
null
,
"l2_adjacency "
:
false
,
"mtu "
:
1500
,
"name "
:
"net1 "
,
"port_security_enabled "
:
true
,
"project_id "
:
"9bacb3c5d39d41a79512987f338cf177 "
,
"qos_policy_id "
:
"6a8454ade84346f59e8d40665f878b2e "
,
"revision_number "
:
1
,
"router:external "
:
false
,
"segments "
:
[
{
"provider:network_type "
:
"vlan "
,
"provider:physical_network "
:
"public "
,
"provider:segmentation_id "
:
2
},
{
"provider:network_type "
:
"flat "
,
"provider:physical_network "
:
"default "
,
"provider:segmentation_id "
:
0
}
],
"shared "
:
false
,
"status "
:
"ACTIVE "
,
"subnets "
:
[
"54d6f61d-db07-451c-9ab3-b9609b6b6f0b "
],
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"vlan_transparent "
:
false
,
"description "
:
""
,
"is_default "
:
false
}
}
Updates a network.
Normal response codes: 200
Error response codes: 400, 401, 403, 404, 412
| Name | In | Type | Description |
|---|---|---|---|
| network_id | path | string | The ID of the network. |
| network | body | object |
A
network
object.
|
| admin_state_up (Optional) | body | boolean |
The administrative state of the network, which is
up (
true
) or down (
false
).
|
| dns_domain (Optional) | body | string | A valid DNS domain. |
| mtu (Optional) | body | integer | The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6. |
| name (Optional) | body | string | Human-readable name of the network. |
| port_security_enabled (Optional) | body | boolean |
The port security status of the network. Valid values are
enabled (
true
) and disabled (
false
).
This value is used as the default value of
port_security_enabled
field of a newly created port.
|
| provider:network_type | body | string |
The type of physical network that this network is mapped to.
For example,
flat
,
vlan
,
vxlan
, or
gre
.
Valid values depend on a networking back-end.
|
| provider:physical_network | body | string | The physical network where this network/segment is implemented. |
| provider:segmentation_id | body | integer |
The ID of the isolated segment on the physical network.
The
network_type
attribute defines the segmentation model.
For example, if the
network_type
value is vlan, this ID is a vlan
identifier. If the
network_type
value is gre, this ID is a gre key.
|
| qos_policy_id (Optional) | body | string | The ID of the QoS policy associated with the network. |
| router:external (Optional) | body | boolean | Indicates whether the network has an external routing facility that’s not managed by the networking service. |
| segments | body | array |
A list of provider
segment
objects.
|
| shared (Optional) | body | boolean | Indicates whether this resource is shared across all projects. By default, only administrative users can change this value. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| is_default (Optional) | body | boolean | The network is default or not. |
{
"network "
:
{
"dns_domain "
:
"my-domain.org."
,
"name "
:
"sample_network_5_updated "
,
"qos_policy_id "
:
"6a8454ade84346f59e8d40665f878b2e "
,
"mtu "
:
1300
}
}
{
"network "
:
{
"provider:network_type "
:
"vlan "
,
"provider:physical_network "
:
"public "
,
"provider:segmentation_id "
:
2
}
}
{
"network "
:
{
"segments "
:
[
{
"provider:segmentation_id "
:
2
,
"provider:physical_network "
:
"public "
,
"provider:network_type "
:
"vlan "
},
{
"provider:physical_network "
:
"default "
,
"provider:network_type "
:
"flat "
}
]
}
}
| Name | In | Type | Description |
|---|---|---|---|
| network | body | object |
A
network
object.
|
| admin_state_up | body | boolean |
The administrative state of the network, which is
up (
true
) or down (
false
).
|
| availability_zone_hints | body | array | The availability zone candidate for the network. |
| availability_zones | body | array | The availability zone for the network. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| dns_domain | body | string | A valid DNS domain. |
| id | body | string | The ID of the network. |
| ipv4_address_scope | body | string | The ID of the IPv4 address scope that the network is associated with. |
| ipv6_address_scope | body | string | The ID of the IPv6 address scope that the network is associated with. |
| l2_adjacency | body | boolean |
Indicates whether L2 connectivity is available throughout
the
network
.
|
| mtu | body | integer | The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6. |
| name | body | string | Human-readable name of the network. |
| port_security_enabled | body | boolean |
The port security status of the network. Valid values are
enabled (
true
) and disabled (
false
).
This value is used as the default value of
port_security_enabled
field of a newly created port.
|
| project_id | body | string | The ID of the project. |
| provider:network_type | body | string |
The type of physical network that this network is mapped to.
For example,
flat
,
vlan
,
vxlan
, or
gre
.
Valid values depend on a networking back-end.
|
| provider:physical_network | body | string | The physical network where this network/segment is implemented. |
| provider:segmentation_id | body | integer |
The ID of the isolated segment on the physical network.
The
network_type
attribute defines the segmentation model.
For example, if the
network_type
value is vlan, this ID is a vlan
identifier. If the
network_type
value is gre, this ID is a gre key.
|
| qos_policy_id | body | string | The ID of the QoS policy associated with the network. |
| revision_number | body | integer | The revision number of the resource. |
| router:external | body | boolean |
Indicates whether the network has an external routing facility that’s not
managed by the networking service. If the network is updated from external
to internal the unused floating IPs of this network are automatically
deleted when extension
floatingip-autodelete-internal
is present.
|
| segments | body | array |
A list of provider
segment
objects.
|
| shared | body | boolean | Indicates whether this network is shared across all tenants. By default, only administrative users can change this value. |
| status | body | string |
The network status. Values are
ACTIVE
,
DOWN
,
BUILD
or
ERROR
.
|
| subnets | body | array | The associated subnets. |
| tenant_id | body | string | The ID of the project. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| description | body | string | A human-readable description for the resource. |
| is_default | body | boolean | The network is default pool or not. |
| tags | body | array | The list of tags on the resource. |
This is an example when a regular user without administrative roles sends a PUT request. Response examples for administrative users are similar to responses of Show network details and Create network . See them for details.
{
"network "
:
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2016-03-08T20:19:41 "
,
"dns_domain "
:
"my-domain.org."
,
"id "
:
"1f370095-98f6-4079-be64-6d3d4a6adcc6 "
,
"ipv4_address_scope "
:
null
,
"ipv6_address_scope "
:
null
,
"l2_adjacency "
:
false
,
"mtu "
:
1300
,
"name "
:
"sample_network_5_updated "
,
"port_security_enabled "
:
true
,
"project_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"qos_policy_id "
:
"6a8454ade84346f59e8d40665f878b2e "
,
"revision_number "
:
2
,
"router:external "
:
false
,
"shared "
:
false
,
"status "
:
"ACTIVE "
,
"subnets "
:
[
"54d6f61d-db07-451c-9ab3-b9609b6b6f0b "
],
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"vlan_transparent "
:
false
,
"description "
:
""
,
"is_default "
:
false
}
}
Deletes a network and its associated resources.
Normal response codes: 204
Error response codes: 401, 404, 409, 412
| Name | In | Type | Description |
|---|---|---|---|
| network_id | path | string | The ID of the network. |
There is no body content for the response of a successful DELETE request.
Lists networks to which the project has access.
Default policy settings return only networks that the project who submits the request owns, unless an administrative user submits the request. In addition, networks shared with the project who submits the request are also returned.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
You can also use the
tags
,
tags-any
,
not-tags
,
not-tags-any
query parameter to filter the response with tags. For information,
see REST API Impact
.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| admin_state_up (Optional) | query | boolean |
Filter the list result by the administrative state of the resource,
which is up (
true
) or down (
false
).
|
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| mtu (Optional) | query | integer |
Filter the network list result by the maximum transmission unit (MTU)
value to address fragmentation. Minimum value is
68
for IPv4,
and
1280
for IPv6.
|
| name (Optional) | query | string | Filter the list result by the human-readable name of the resource. |
| project_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| provider:network_type (Optional) | query | string |
Filter the list result by the type of physical network that this
network/segment is mapped to. For example,
flat
,
vlan
,
vxlan
,
or
gre
. Valid values depend on a networking back-end.
|
| provider:physical_network (Optional) | query | string | Filter the list result by the physical network where this network/segment is implemented. |
| provider:segmentation_id (Optional) | query | integer | Filter the list result by the ID of the isolated segment on the physical network. |
| revision_number (Optional) | query | integer | Filter the list result by the revision number of the resource. |
| router:external (Optional) | query | boolean | Filter the network list result based on whether the network has an external routing facility that’s not managed by the networking service. |
| shared (Optional) | query | boolean | Filter the network list result based on if the network is shared across all tenants. |
| status (Optional) | query | string |
Filter the network list result by network status. Values are
ACTIVE
,
DOWN
,
BUILD
or
ERROR
.
|
| tenant_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| vlan_transparent (Optional) | query | boolean |
Filter the network list by the VLAN transparency mode of the network,
which is VLAN transparent (
true
) or not VLAN transparent (
false
).
|
| description (Optional) | query | string | Filter the list result by the human-readable description of the resource. |
| is_default (Optional) | query | boolean | Filter the network list result based on if the network is default pool or not. |
| tags (Optional) | query | string | A list of tags to filter the list result by. Resources that match all tags in this list will be returned. Tags in query must be separated by comma. |
| tags-any (Optional) | query | string | A list of tags to filter the list result by. Resources that match any tag in this list will be returned. Tags in query must be separated by comma. |
| not-tags (Optional) | query | string | A list of tags to filter the list result by. Resources that match all tags in this list will be excluded. Tags in query must be separated by comma. |
| not-tags-any (Optional) | query | string | A list of tags to filter the list result by. Resources that match any tag in this list will be excluded. Tags in query must be separated by comma. |
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a network attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| networks | body | array |
A list of
network
objects.
|
| admin_state_up | body | boolean |
The administrative state of the network, which is
up (
true
) or down (
false
).
|
| availability_zone_hints | body | array | The availability zone candidate for the network. |
| availability_zones | body | array | The availability zone for the network. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| dns_domain | body | string | A valid DNS domain. |
| id | body | string | The ID of the network. |
| ipv4_address_scope | body | string | The ID of the IPv4 address scope that the network is associated with. |
| ipv6_address_scope | body | string | The ID of the IPv6 address scope that the network is associated with. |
| l2_adjacency | body | boolean |
Indicates whether L2 connectivity is available throughout
the
network
.
|
| mtu | body | integer | The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6. |
| name | body | string | Human-readable name of the network. |
| port_security_enabled | body | boolean |
The port security status of the network. Valid values are
enabled (
true
) and disabled (
false
).
This value is used as the default value of
port_security_enabled
field of a newly created port.
|
| project_id | body | string | The ID of the project. |
| provider:network_type | body | string |
The type of physical network that this network is mapped to.
For example,
flat
,
vlan
,
vxlan
, or
gre
.
Valid values depend on a networking back-end.
|
| provider:physical_network | body | string | The physical network where this network/segment is implemented. |
| provider:segmentation_id | body | integer |
The ID of the isolated segment on the physical network.
The
network_type
attribute defines the segmentation model.
For example, if the
network_type
value is vlan, this ID is a vlan
identifier. If the
network_type
value is gre, this ID is a gre key.
|
| qos_policy_id | body | string | The ID of the QoS policy associated with the network. |
| revision_number | body | integer | The revision number of the resource. |
| router:external | body | boolean |
Indicates whether the network has an external routing facility that’s not
managed by the networking service. If the network is updated from external
to internal the unused floating IPs of this network are automatically
deleted when extension
floatingip-autodelete-internal
is present.
|
| segments | body | array |
A list of provider
segment
objects.
|
| shared | body | boolean | Indicates whether this network is shared across all tenants. By default, only administrative users can change this value. |
| status | body | string |
The network status. Values are
ACTIVE
,
DOWN
,
BUILD
or
ERROR
.
|
| subnets | body | array | The associated subnets. |
| tenant_id | body | string | The ID of the project. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| vlan_transparent | body | boolean |
Indicates the VLAN transparency mode of the network, which is
VLAN transparent (
true
) or not VLAN transparent (
false
).
|
| description | body | string | A human-readable description for the resource. |
| is_default | body | boolean | The network is default pool or not. |
| tags | body | array | The list of tags on the resource. |
{
"networks "
:
[
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2016-03-08T20:19:41 "
,
"dns_domain "
:
"my-domain.org."
,
"id "
:
"d32019d3-bc6e-4319-9c1d-6722fc136a22 "
,
"ipv4_address_scope "
:
null
,
"ipv6_address_scope "
:
null
,
"l2_adjacency "
:
false
,
"mtu "
:
1500
,
"name "
:
"net1 "
,
"port_security_enabled "
:
true
,
"project_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"qos_policy_id "
:
"6a8454ade84346f59e8d40665f878b2e "
,
"revision_number "
:
1
,
"router:external "
:
false
,
"shared "
:
false
,
"status "
:
"ACTIVE "
,
"subnets "
:
[
"54d6f61d-db07-451c-9ab3-b9609b6b6f0b "
],
"tenant_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"vlan_transparent "
:
true
,
"description "
:
""
,
"is_default "
:
false
},
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2016-03-08T20:19:41 "
,
"dns_domain "
:
"my-domain.org."
,
"id "
:
"db193ab3-96e3-4cb3-8fc5-05f4296d0324 "
,
"ipv4_address_scope "
:
null
,
"ipv6_address_scope "
:
null
,
"l2_adjacency "
:
false
,
"mtu "
:
1500
,
"name "
:
"net2 "
,
"port_security_enabled "
:
true
,
"project_id "
:
"26a7980765d0414dbc1fc1f88cdb7e6e "
,
"qos_policy_id "
:
"bfdb6c39f71e4d44b1dfbda245c50819 "
,
"revision_number "
:
3
,
"router:external "
:
false
,
"shared "
:
false
,
"status "
:
"ACTIVE "
,
"subnets "
:
[
"08eae331-0402-425a-923c-34f7cfe39c1b "
],
"tenant_id "
:
"26a7980765d0414dbc1fc1f88cdb7e6e "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"vlan_transparent "
:
false
,
"description "
:
""
,
"is_default "
:
false
}
]
}
When Administrative users request to list networks,
physical segment information bound to the networks are also returned
in a response. In this example, a network
net1
is mapped to a single
network segment and a network
net2
is mapped to multiple network segments.
{
"networks "
:
[
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2016-03-08T20:19:41 "
,
"dns_domain "
:
"my-domain.org."
,
"id "
:
"d32019d3-bc6e-4319-9c1d-6722fc136a22 "
,
"ipv4_address_scope "
:
null
,
"ipv6_address_scope "
:
null
,
"l2_adjacency "
:
false
,
"mtu "
:
1500
,
"name "
:
"net1 "
,
"port_security_enabled "
:
true
,
"project_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"qos_policy_id "
:
"6a8454ade84346f59e8d40665f878b2e "
,
"provider:network_type "
:
"vlan "
,
"provider:physical_network "
:
"public "
,
"provider:segmentation_id "
:
3
,
"revision_number "
:
1
,
"router:external "
:
false
,
"shared "
:
false
,
"status "
:
"ACTIVE "
,
"subnets "
:
[
"54d6f61d-db07-451c-9ab3-b9609b6b6f0b "
],
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"vlan_transparent "
:
true
,
"description "
:
""
,
"is_default "
:
false
},
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2016-03-08T20:19:41 "
,
"dns_domain "
:
"my-domain.org."
,
"id "
:
"db193ab3-96e3-4cb3-8fc5-05f4296d0324 "
,
"ipv4_address_scope "
:
null
,
"ipv6_address_scope "
:
null
,
"l2_adjacency "
:
false
,
"mtu "
:
1450
,
"name "
:
"net2 "
,
"port_security_enabled "
:
true
,
"project_id "
:
"26a7980765d0414dbc1fc1f88cdb7e6e "
,
"qos_policy_id "
:
null
,
"provider:network_type "
:
"local "
,
"provider:physical_network "
:
null
,
"provider:segmentation_id "
:
null
,
"qos_policy_id "
:
"bfdb6c39f71e4d44b1dfbda245c50819 "
,
"revision_number "
:
2
,
"router:external "
:
false
,
"segments "
:
[
{
"provider:network_type "
:
"vlan "
,
"provider:physical_network "
:
"public "
,
"provider:segmentation_id "
:
2
},
{
"provider:network_type "
:
"vxlan "
,
"provider:physical_network "
:
"default "
,
"provider:segmentation_id "
:
1000
}
],
"shared "
:
false
,
"status "
:
"ACTIVE "
,
"subnets "
:
[
"08eae331-0402-425a-923c-34f7cfe39c1b "
],
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"26a7980765d0414dbc1fc1f88cdb7e6e "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"vlan_transparent "
:
false
,
"description "
:
""
,
"is_default "
:
false
}
]
}
Creates a network.
A request body is optional. An administrative user can specify another project ID, which is the project that owns the network, in the request body.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| network | body | object |
A
network
object.
|
| admin_state_up (Optional) | body | boolean |
The administrative state of the network, which is
up (
true
) or down (
false
).
|
| dns_domain (Optional) | body | string | A valid DNS domain. |
| mtu (Optional) | body | integer | The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6. |
| name (Optional) | body | string | Human-readable name of the network. |
| port_security_enabled (Optional) | body | boolean |
The port security status of the network. Valid values are
enabled (
true
) and disabled (
false
).
This value is used as the default value of
port_security_enabled
field of a newly created port.
|
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| provider:network_type (Optional) | body | string |
The type of physical network that this network should be mapped to.
For example,
flat
,
vlan
,
vxlan
, or
gre
.
Valid values depend on a networking back-end.
|
| provider:physical_network (Optional) | body | string | The physical network where this network should be implemented. The Networking API v2.0 does not provide a way to list available physical networks. For example, the Open vSwitch plug-in configuration file defines a symbolic name that maps to specific bridges on each compute host. |
| provider:segmentation_id (Optional) | body | integer |
The ID of the isolated segment on the physical network.
The
network_type
attribute defines the segmentation model.
For example, if the
network_type
value is vlan, this ID is a vlan
identifier. If the
network_type
value is gre, this ID is a gre key.
|
| qos_policy_id (Optional) | body | string | The ID of the QoS policy associated with the network. |
| router:external (Optional) | body | boolean | Indicates whether the network has an external routing facility that’s not managed by the networking service. |
| segments (Optional) | body | array |
A list of provider
segment
objects.
|
| shared (Optional) | body | boolean | Indicates whether this resource is shared across all projects. By default, only administrative users can change this value. |
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| vlan_transparent (Optional) | body | boolean |
Indicates the VLAN transparency mode of the network, which is
VLAN transparent (
true
) or not VLAN transparent (
false
).
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| is_default (Optional) | body | boolean | The network is default or not. |
| availability_zone_hints (Optional) | body | array | The availability zone candidate for the network. |
{
"network "
:
{
"name "
:
"sample_network "
,
"admin_state_up "
:
true
,
"dns_domain "
:
"my-domain.org."
,
"qos_policy_id "
:
"6a8454ade84346f59e8d40665f878b2e "
,
"mtu "
:
1400
}
}
{
"network "
:
{
"admin_state_up "
:
true
,
"name "
:
"net1 "
,
"provider:network_type "
:
"vlan "
,
"provider:physical_network "
:
"public "
,
"provider:segmentation_id "
:
2
,
"qos_policy_id "
:
"6a8454ade84346f59e8d40665f878b2e "
}
}
{
"network "
:
{
"segments "
:
[
{
"provider:segmentation_id "
:
2
,
"provider:physical_network "
:
"public "
,
"provider:network_type "
:
"vlan "
},
{
"provider:physical_network "
:
"default "
,
"provider:network_type "
:
"flat "
}
],
"name "
:
"net1 "
,
"admin_state_up "
:
true
,
"qos_policy_id "
:
"6a8454ade84346f59e8d40665f878b2e "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| network | body | object |
A
network
object.
|
| admin_state_up | body | boolean |
The administrative state of the network, which is
up (
true
) or down (
false
).
|
| availability_zone_hints | body | array | The availability zone candidate for the network. |
| availability_zones | body | array | The availability zone for the network. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| dns_domain | body | string | A valid DNS domain. |
| id | body | string | The ID of the network. |
| ipv4_address_scope | body | string | The ID of the IPv4 address scope that the network is associated with. |
| ipv6_address_scope | body | string | The ID of the IPv6 address scope that the network is associated with. |
| l2_adjacency | body | boolean |
Indicates whether L2 connectivity is available throughout
the
network
.
|
| mtu | body | integer | The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6. |
| name | body | string | Human-readable name of the network. |
| port_security_enabled | body | boolean |
The port security status of the network. Valid values are
enabled (
true
) and disabled (
false
).
This value is used as the default value of
port_security_enabled
field of a newly created port.
|
| project_id | body | string | The ID of the project. |
| provider:network_type | body | string |
The type of physical network that this network is mapped to.
For example,
flat
,
vlan
,
vxlan
, or
gre
.
Valid values depend on a networking back-end.
|
| provider:physical_network | body | string | The physical network where this network/segment is implemented. |
| provider:segmentation_id | body | integer |
The ID of the isolated segment on the physical network.
The
network_type
attribute defines the segmentation model.
For example, if the
network_type
value is vlan, this ID is a vlan
identifier. If the
network_type
value is gre, this ID is a gre key.
|
| qos_policy_id | body | string | The ID of the QoS policy associated with the network. |
| revision_number | body | integer | The revision number of the resource. |
| router:external | body | boolean |
Indicates whether the network has an external routing facility that’s not
managed by the networking service. If the network is updated from external
to internal the unused floating IPs of this network are automatically
deleted when extension
floatingip-autodelete-internal
is present.
|
| segments | body | array |
A list of provider
segment
objects.
|
| shared | body | boolean | Indicates whether this network is shared across all tenants. By default, only administrative users can change this value. |
| status | body | string |
The network status. Values are
ACTIVE
,
DOWN
,
BUILD
or
ERROR
.
|
| subnets | body | array | The associated subnets. |
| tenant_id | body | string | The ID of the project. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| vlan_transparent | body | boolean |
Indicates the VLAN transparency mode of the network, which is
VLAN transparent (
true
) or not VLAN transparent (
false
).
|
| description | body | string | A human-readable description for the resource. |
| is_default | body | boolean | The network is default pool or not. |
| tags | body | array | The list of tags on the resource. |
{
"network "
:
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2016-03-08T20:19:41 "
,
"dns_domain "
:
"my-domain.org."
,
"id "
:
"4e8e5957-649f-477b-9e5b-f1f75b21c03c "
,
"ipv4_address_scope "
:
null
,
"ipv6_address_scope "
:
null
,
"l2_adjacency "
:
true
,
"mtu "
:
1400
,
"name "
:
"net1 "
,
"port_security_enabled "
:
true
,
"project_id "
:
"9bacb3c5d39d41a79512987f338cf177 "
,
"qos_policy_id "
:
"6a8454ade84346f59e8d40665f878b2e "
,
"revision_number "
:
1
,
"router:external "
:
false
,
"shared "
:
false
,
"status "
:
"ACTIVE "
,
"subnets "
:
[],
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"9bacb3c5d39d41a79512987f338cf177 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"vlan_transparent "
:
false
,
"description "
:
""
,
"is_default "
:
false
}
}
{
"network "
:
{
"status "
:
"ACTIVE "
,
"subnets "
:
[],
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2016-03-08T20:19:41 "
,
"dns_domain "
:
""
,
"ipv4_address_scope "
:
null
,
"ipv6_address_scope "
:
null
,
"name "
:
"net1 "
,
"provider:physical_network "
:
"public "
,
"admin_state_up "
:
true
,
"project_id "
:
"9bacb3c5d39d41a79512987f338cf177 "
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"9bacb3c5d39d41a79512987f338cf177 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"qos_policy_id "
:
"6a8454ade84346f59e8d40665f878b2e "
,
"revision_number "
:
1
,
"router:external "
:
false
,
"provider:network_type "
:
"vlan "
,
"l2_adjacency "
:
true
,
"mtu "
:
1500
,
"shared "
:
false
,
"id "
:
"4e8e5957-649f-477b-9e5b-f1f75b21c03c "
,
"provider:segmentation_id "
:
2
,
"description "
:
""
,
"port_security_enabled "
:
true
,
"is_default "
:
false
}
}
{
"network "
:
{
"status "
:
"ACTIVE "
,
"subnets "
:
[],
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2016-03-08T20:19:41 "
,
"name "
:
"net1 "
,
"admin_state_up "
:
true
,
"dns_domain "
:
""
,
"ipv4_address_scope "
:
null
,
"ipv6_address_scope "
:
null
,
"l2_adjacency "
:
true
,
"mtu "
:
1500
,
"port_security_enabled "
:
true
,
"project_id "
:
"9bacb3c5d39d41a79512987f338cf177 "
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"9bacb3c5d39d41a79512987f338cf177 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"qos_policy_id "
:
"6a8454ade84346f59e8d40665f878b2e "
,
"revision_number "
:
1
,
"segments "
:
[
{
"provider:segmentation_id "
:
2
,
"provider:physical_network "
:
"public "
,
"provider:network_type "
:
"vlan "
},
{
"provider:segmentation_id "
:
null
,
"provider:physical_network "
:
"default "
,
"provider:network_type "
:
"flat "
}
],
"shared "
:
false
,
"id "
:
"4e8e5957-649f-477b-9e5b-f1f75b21c03c "
,
"description "
:
""
,
"is_default "
:
false
}
}
Creates multiple networks in a single request.
In the request body, specify a list of networks.
The bulk create operation is always atomic. Either all or no networks in the request body are created.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| networks | body | array |
A list of
network
objects.
|
| admin_state_up (Optional) | body | boolean |
The administrative state of the network, which is
up (
true
) or down (
false
).
|
| dns_domain (Optional) | body | string | A valid DNS domain. |
| mtu (Optional) | body | integer | The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6. |
| name (Optional) | body | string | Human-readable name of the network. |
| port_security_enabled (Optional) | body | boolean |
The port security status of the network. Valid values are
enabled (
true
) and disabled (
false
).
This value is used as the default value of
port_security_enabled
field of a newly created port.
|
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| provider:network_type (Optional) | body | string |
The type of physical network that this network should be mapped to.
For example,
flat
,
vlan
,
vxlan
, or
gre
.
Valid values depend on a networking back-end.
|
| provider:physical_network (Optional) | body | string | The physical network where this network should be implemented. The Networking API v2.0 does not provide a way to list available physical networks. For example, the Open vSwitch plug-in configuration file defines a symbolic name that maps to specific bridges on each compute host. |
| provider:segmentation_id (Optional) | body | integer |
The ID of the isolated segment on the physical network.
The
network_type
attribute defines the segmentation model.
For example, if the
network_type
value is vlan, this ID is a vlan
identifier. If the
network_type
value is gre, this ID is a gre key.
|
| qos_policy_id (Optional) | body | string | The ID of the QoS policy associated with the network. |
| router:external (Optional) | body | boolean | Indicates whether the network has an external routing facility that’s not managed by the networking service. |
| segments (Optional) | body | array |
A list of provider
segment
objects.
|
| shared (Optional) | body | boolean | Indicates whether this resource is shared across all projects. By default, only administrative users can change this value. |
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| vlan_transparent (Optional) | body | boolean |
Indicates the VLAN transparency mode of the network, which is
VLAN transparent (
true
) or not VLAN transparent (
false
).
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| availability_zone_hints (Optional) | body | array | The availability zone candidate for the network. |
{
"networks "
:
[
{
"admin_state_up "
:
true
,
"name "
:
"sample_network3 "
,
"qos_policy_id "
:
"6a8454ade84346f59e8d40665f878b2e "
},
{
"admin_state_up "
:
true
,
"name "
:
"sample_network4 "
,
"qos_policy_id "
:
"6a8454ade84346f59e8d40665f878b2e "
}
]
}
| Name | In | Type | Description |
|---|---|---|---|
| networks | body | array |
A list of
network
objects.
|
| admin_state_up | body | boolean |
The administrative state of the network, which is
up (
true
) or down (
false
).
|
| availability_zone_hints | body | array | The availability zone candidate for the network. |
| availability_zones | body | array | The availability zone for the network. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| dns_domain | body | string | A valid DNS domain. |
| id | body | string | The ID of the network. |
| ipv4_address_scope | body | string | The ID of the IPv4 address scope that the network is associated with. |
| ipv6_address_scope | body | string | The ID of the IPv6 address scope that the network is associated with. |
| l2_adjacency | body | boolean |
Indicates whether L2 connectivity is available throughout
the
network
.
|
| mtu | body | integer | The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6. |
| name | body | string | Human-readable name of the network. |
| port_security_enabled | body | boolean |
The port security status of the network. Valid values are
enabled (
true
) and disabled (
false
).
This value is used as the default value of
port_security_enabled
field of a newly created port.
|
| project_id | body | string | The ID of the project. |
| provider:network_type | body | string |
The type of physical network that this network is mapped to.
For example,
flat
,
vlan
,
vxlan
, or
gre
.
Valid values depend on a networking back-end.
|
| provider:physical_network | body | string | The physical network where this network/segment is implemented. |
| provider:segmentation_id | body | integer |
The ID of the isolated segment on the physical network.
The
network_type
attribute defines the segmentation model.
For example, if the
network_type
value is vlan, this ID is a vlan
identifier. If the
network_type
value is gre, this ID is a gre key.
|
| qos_policy_id | body | string | The ID of the QoS policy associated with the network. |
| revision_number | body | integer | The revision number of the resource. |
| router:external | body | boolean |
Indicates whether the network has an external routing facility that’s not
managed by the networking service. If the network is updated from external
to internal the unused floating IPs of this network are automatically
deleted when extension
floatingip-autodelete-internal
is present.
|
| segments | body | array |
A list of provider
segment
objects.
|
| shared | body | boolean | Indicates whether this network is shared across all tenants. By default, only administrative users can change this value. |
| status | body | string |
The network status. Values are
ACTIVE
,
DOWN
,
BUILD
or
ERROR
.
|
| subnets | body | array | The associated subnets. |
| tenant_id | body | string | The ID of the project. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| vlan_transparent | body | boolean |
Indicates the VLAN transparency mode of the network, which is
VLAN transparent (
true
) or not VLAN transparent (
false
).
|
| description | body | string | A human-readable description for the resource. |
| is_default | body | boolean | The network is default pool or not. |
| tags | body | array | The list of tags on the resource. |
{
"networks "
:
[
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2016-03-08T20:19:41 "
,
"dns_domain "
:
""
,
"id "
:
"bc1a76cb-8767-4c3a-bb95-018b822f2130 "
,
"ipv4_address_scope "
:
null
,
"ipv6_address_scope "
:
null
,
"l2_adjacency "
:
true
,
"mtu "
:
1500
,
"name "
:
"sample_network3 "
,
"project_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"qos_policy_id "
:
"6a8454ade84346f59e8d40665f878b2e "
,
"revision_number "
:
1
,
"router:external "
:
false
,
"shared "
:
false
,
"status "
:
"ACTIVE "
,
"subnets "
:
[],
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"vlan_transparent "
:
false
,
"description "
:
""
,
"port_security_enabled "
:
true
,
"is_default "
:
false
},
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2016-03-08T20:19:41 "
,
"dns_domain "
:
""
,
"id "
:
"af374017-c9ae-4a1d-b799-ab73111476e2 "
,
"ipv4_address_scope "
:
null
,
"ipv6_address_scope "
:
null
,
"l2_adjacency "
:
true
,
"mtu "
:
1500
,
"name "
:
"sample_network4 "
,
"project_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"qos_policy_id "
:
"6a8454ade84346f59e8d40665f878b2e "
,
"revision_number "
:
1
,
"router:external "
:
false
,
"shared "
:
false
,
"status "
:
"ACTIVE "
,
"subnets "
:
[],
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"vlan_transparent "
:
false
,
"description "
:
""
,
"port_security_enabled "
:
true
,
"is_default "
:
false
}
]
}
The network segment range extension exposes the segment range management to be administered via the Neutron API. It introduces the network-segment-range resource for tenant network segment allocation. In addition, it introduces the ability for the administrator to control the segment ranges globally or on a per-tenant basis.
Lists, shows details for, creates, updates, and deletes network segment ranges. The network segment ranges API is admin-only.
Shows details for a network segment range.
You can control which response parameters are returned by using the fields query parameter. For information, see Filtering and column selection .
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| network_segment_range_id | path | string | The ID of the network segment range. |
| Name | In | Type | Description |
|---|---|---|---|
| id | body | string | The UUID of the network segment range. |
| name | body | string | Human-readable name of the resource. |
| default | body | boolean | Defines whether the network segment range is the default that is loaded from the host ML2 config file. |
| shared | body | boolean | Indicates whether this network segment range is shared across all projects. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| network_type | body | string |
The type of physical network that maps to this network segment range
resource. For example,
vlan
,
vxlan
, or
gre
. Valid values depend
on a networking back-end.
|
| physical_network | body | string | The physical network where this network segment range is implemented. |
| minimum | body | integer | The minimum segmentation ID of the network segment range. |
| maximum | body | integer | The maximum segmentation ID of the network segment range. |
| available | body | list | List of available segmentation IDs in the network segment range. |
| used | body | dict | Mapping of which segmentation ID in the network segment range is used by which project. |
{
"network_segment_range "
:
{
"id "
:
"59b38ee8-6642-418a-88b7-756861606ecb "
,
"name "
:
"range_vlan_physnet1 "
,
"default "
:
false
,
"shared "
:
false
,
"tenant_id "
:
"7011dc7fccac4efda89dc3b7f0d0975a "
,
"project_id "
:
"7011dc7fccac4efda89dc3b7f0d0975a "
,
"network_type "
:
"vlan "
,
"physical_network "
:
"physnet1 "
,
"minimum "
:
10
,
"maximum "
:
20
,
"available "
:
[
10
,
11
,
12
,
13
,
14
,
15
,
16
,
19
,
20
],
"used "
:
{
"17 "
:
"5fc1cd2f16ab4c8fbba2e780891b9de3 "
,
"18 "
:
"87504c1c9d86439882ff90fdbfb096ad "
}
}
}
Updates a network segment range.
Normal response codes: 200
Error response codes: 400, 401, 403, 404, 412
| Name | In | Type | Description |
|---|---|---|---|
| network_segment_range_id | path | string | The ID of the network segment range. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| minimum (Optional) | body | integer | The minimum segmentation ID of the network segment range. |
| maximum (Optional) | body | integer | The maximum segmentation ID of the network segment range. |
{
"network_segment_range "
:
{
"name "
:
"new_range "
,
"minimum "
:
10
,
"maximum "
:
20
}
}
| Name | In | Type | Description |
|---|---|---|---|
| id | body | string | The UUID of the network segment range. |
| name | body | string | Human-readable name of the resource. |
| default | body | boolean | Defines whether the network segment range is the default that is loaded from the host ML2 config file. |
| shared | body | boolean | Indicates whether this network segment range is shared across all projects. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| network_type | body | string |
The type of physical network that maps to this network segment range
resource. For example,
vlan
,
vxlan
, or
gre
. Valid values depend
on a networking back-end.
|
| physical_network | body | string | The physical network where this network segment range is implemented. |
| minimum | body | integer | The minimum segmentation ID of the network segment range. |
| maximum | body | integer | The maximum segmentation ID of the network segment range. |
| available | body | list | List of available segmentation IDs in the network segment range. |
| used | body | dict | Mapping of which segmentation ID in the network segment range is used by which project. |
{
"network_segment_range "
:
{
"id "
:
"50089a13-4a9f-4421-85ba-5222e84610c3 "
,
"name "
:
"new_range "
,
"default "
:
false
,
"shared "
:
false
,
"tenant_id "
:
"7011dc7fccac4efda89dc3b7f0d0975a "
,
"project_id "
:
"7011dc7fccac4efda89dc3b7f0d0975a "
,
"network_type "
:
"vxlan "
,
"physical_network "
:
null
,
"minimum "
:
10
,
"maximum "
:
20
,
"available "
:
[
10
,
11
,
12
,
13
,
14
,
15
,
16
,
19
,
20
],
"used "
:
{
"17 "
:
"5fc1cd2f16ab4c8fbba2e780891b9de3 "
,
"18 "
:
"87504c1c9d86439882ff90fdbfb096ad "
}
}
}
Deletes a network segment range.
Normal response codes: 204
Error response codes: 401, 404, 409, 412
| Name | In | Type | Description |
|---|---|---|---|
| network_segment_range_id | path | string | The ID of the network segment range. |
There is no body content for the response of a successful DELETE request.
Lists network segment ranges to which the admin has access.
Use the
fields
query parameter to filter the response. For
information, see Filtering and Column Selection
.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| id (Optional) | query | string | Filter the network segment range list result based on the range ID. |
| name (Optional) | query | string | Filter the network segment range list result based on the name of the range. |
| tenant_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| project_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| network_type (Optional) | query | string |
Filter the list result by the type of physical network that this
network segment range is mapped to. For example,
vlan
,
vxlan
, or
gre
. Valid values depend on a networking back-end.
|
| physical_network (Optional) | query | string | Filter the list result by the physical network where this network segment range is implemented. |
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a network segment range attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| id | body | string | The UUID of the network segment range. |
| name | body | string | Human-readable name of the resource. |
| default | body | boolean | Defines whether the network segment range is the default that is loaded from the host ML2 config file. |
| shared | body | boolean | Indicates whether this network segment range is shared across all projects. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| network_type | body | string |
The type of physical network that maps to this network segment range
resource. For example,
vlan
,
vxlan
, or
gre
. Valid values depend
on a networking back-end.
|
| physical_network | body | string | The physical network where this network segment range is implemented. |
| minimum | body | integer | The minimum segmentation ID of the network segment range. |
| maximum | body | integer | The maximum segmentation ID of the network segment range. |
| available | body | list | List of available segmentation IDs in the network segment range. |
| used | body | dict | Mapping of which segmentation ID in the network segment range is used by which project. |
{
"network_segment_ranges "
:
[
{
"id "
:
"59b38ee8-6642-418a-88b7-756861606ecb "
,
"name "
:
"range_vlan_physnet1 "
,
"default "
:
false
,
"shared "
:
false
,
"tenant_id "
:
"7011dc7fccac4efda89dc3b7f0d0975a "
,
"project_id "
:
"7011dc7fccac4efda89dc3b7f0d0975a "
,
"network_type "
:
"vlan "
,
"physical_network "
:
"physnet1 "
,
"minimum "
:
10
,
"maximum "
:
20
,
"available "
:
[
10
,
11
,
12
,
13
,
14
,
15
,
16
,
19
,
20
],
"used "
:
{
"17 "
:
"5fc1cd2f16ab4c8fbba2e780891b9de3 "
,
"18 "
:
"87504c1c9d86439882ff90fdbfb096ad "
}
},
{
"id "
:
"91ea6e31-3a6d-4541-8432-b49b4cacf893 "
,
"name "
:
"range_vxlan "
,
"default "
:
false
,
"shared "
:
true
,
"tenant_id "
:
null
,
"project_id "
:
null
,
"network_type "
:
"vxlan "
,
"physical_network "
:
null
,
"minimum "
:
40
,
"maximum "
:
50
,
"available "
:
[
40
,
41
,
43
,
44
,
46
,
47
,
48
,
49
,
50
],
"used "
:
{
"42 "
:
"07ac1127ee9647d48ce2626867104a13 "
,
"45 "
:
"d4fa62aa47d340d98d076801aa7e6ec4 "
}
}
]
}
Creates a network segment range.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| name (Optional) | body | string | Human-readable name of the network segment range. |
| shared | body | boolean | Indicates whether this network segment range is shared across all projects. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. |
| network_type | body | string |
The type of physical network that maps to this network segment range
resource. For example,
vlan
,
vxlan
, or
gre
. Valid values depend
on a networking back-end.
|
| physical_network (Optional) | body | string | The physical network where this network segment range is implemented. |
| minimum | body | integer | The minimum segmentation ID of the network segment range. |
| maximum | body | integer | The minimum segmentation ID of the network segment range. |
{
"network_segment_range "
:
{
"name "
:
"range_vlan_physnet1 "
,
"shared "
:
false
,
"project_id "
:
"7011dc7fccac4efda89dc3b7f0d0975a "
,
"network_type "
:
"vlan "
,
"physical_network "
:
"physnet1 "
,
"minimum "
:
10
,
"maximum "
:
20
}
}
| Name | In | Type | Description |
|---|---|---|---|
| id | body | string | The UUID of the network segment range. |
| name | body | string | Human-readable name of the resource. |
| default | body | boolean | Defines whether the network segment range is the default that is loaded from the host ML2 config file. |
| shared | body | boolean | Indicates whether this network segment range is shared across all projects. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| network_type | body | string |
The type of physical network that maps to this network segment range
resource. For example,
vlan
,
vxlan
, or
gre
. Valid values depend
on a networking back-end.
|
| physical_network | body | string | The physical network where this network segment range is implemented. |
| minimum | body | integer | The minimum segmentation ID of the network segment range. |
| maximum | body | integer | The maximum segmentation ID of the network segment range. |
| available | body | list | List of available segmentation IDs in the network segment range. |
| used | body | dict | Mapping of which segmentation ID in the network segment range is used by which project. |
{
"network_segment_range "
:
{
"id "
:
"59b38ee8-6642-418a-88b7-756861606ecb "
,
"name "
:
"range_vlan_physnet1 "
,
"default "
:
false
,
"shared "
:
false
,
"tenant_id "
:
"7011dc7fccac4efda89dc3b7f0d0975a "
,
"project_id "
:
"7011dc7fccac4efda89dc3b7f0d0975a "
,
"network_type "
:
"vlan "
,
"physical_network "
:
"physnet1 "
,
"minimum "
:
10
,
"maximum "
:
20
,
"available "
:
[
10
,
11
,
12
,
13
,
14
,
15
,
16
,
17
,
18
,
19
,
20
],
"used "
:
{}
}
}
Lists, shows details for, creates, updates, and deletes ports.
The
allowed-address-pairs
extension adds an
allowed_address_pairs
attribute to ports. The value of
allowed_address_pairs
is an array of
allowed address pair objects, each having an
ip_address
and a
mac_address
. The set of allowed address pairs defines IP and MAC address
that the port can use when sending packets if
port_security_enabled
is
true
(see the
port-security
extension). Note that while the
ip_address
is required in each allowed address pair, the
mac_address
is optional and will be taken from the port if not specified.
The data plane port extension (
data-plane-status
) adds a new attribute
data_plane_status
to represent the status of the underlying data plane.
This attribute is to be managed by entities outside of the Networking service,
while the
status
attribute is managed by Networking service. Both status
attributes are independent from one another.
Supported data plane status values:
null
: no status being reported; default value
ACTIVE
: the underlying data plane is up and running
DOWN
: no traffic can flow from/to the port
The
dns-integration
extension adds the
dns_name
and
dns_assignment
attributes to port resources. While the
dns_name
can be set on create and
update operations, the
dns_assignment
is read-only and shows the
hostname
,
ip_address
and
fqdn
for the port’s internal DNS
assignment.
To enable the
dns_domain
on port resources, the
dns-domain-ports
extension must be used in conjunction with the
dns-integration
extension.
When enabled and set, a port level
dns_domain
take precedence over a
dns_domain
specified in the port’s network allowing per-port DNS domains.
extra_dhcp_opt
) extension¶
The extra DHCP option (
extra_dhcp_opt
) extension enables extra
DHCP configuration options on
ports
. For example, PXE boot
options to DHCP clients can be specified (e.g. tftp-server, server-ip-address,
bootfile-name). The value of the
extra_dhcp_opt
attribute is an array of
DHCP option objects, where each object contains an
opt_name
and
opt_value
(string values) as well as an optional
ip_version
(the acceptable values are either the integer
4
or
6
).
The IP allocation extension (
ip_allocation
) adds a new read-only attribute
ip_allocation
that indicates when ports use deferred, immediate or
no IP allocation.
The
ip-substring-filtering
extension adds support for filtering ports by
using part of an IP address.
The
mac_learning_enabled
extension extends neutron ports providing the
ability to enable MAC learning on the associated port via the
`mac_learning_enabled`
attribute.
The port binding extension (
binding
) allows administrative users
to specify and retrieve physical binding information of ports.
The extension defines several attributes whose names have a prefix
binding:
including
binding:host_id
,
binding:vnic_type
,
binding:vif_type
,
binding:vif_details
, and
binding:profile
.
The port resource request extension (
port-resource-request
) allows
administrative users (including Nova) to retrieve the Placement resources and
traits needed by a port by introducing the
resource_request
to
port
resources.
The
port-security
extension adds the
port_security_enabled
boolean
attribute to ports. If a
port-security
value is not specified during
port creation, a port will inherit the
port_security_enabled
from the
network its connected to.
The
QoS
extension (
qos
) makes it possible to
define QoS policies and associate these to the ports by introducing the
qos_policy_id
attribute. The policies should be created before they are
associated to the ports.
The Port MAC address regenerate extension (
port-mac-address-regenerate
)
makes it possible to regenerate the mac address of a port. When passing
'null'
(
None
) as the
mac_address
on port update, a new mac address
will be generated and set on the port.
The
standard-attr-timestamp
extension adds the
created_at
and
updated_at
attributes to all resources that have standard attributes.
The
standard-attr-tag
adds Tag support for resources with
standard attributes by adding the
tags
attribute
allowing consumers to associate tags with resources.
The
uplink-status-propagation
extension adds
uplink_status_propagation
attribute to port. If this attribute is set to
true
, uplink status
propagation is enabled. If this attribute is not specified, it is default to
false
which indicates uplink status propagation is disabled.
Shows details for a port.
Use the
fields
query parameter to control which fields are
returned in the response body. For information, see Filtering and
Column Selection
.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| port_id | path | string | The ID of the port. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| port | body | object |
A
port
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| allowed_address_pairs | body | array |
A set of zero or more allowed address pair objects each where address pair
object contains an
ip_address
and
mac_address
. While the
ip_address
is required, the
mac_address
will be taken from the
port if not specified. The value of
ip_address
can be an IP Address
or a CIDR (if supported by the underlying extension plugin).
A server connected to the port can send a packet with source address which
matches one of the specified allowed address pairs.
|
| binding:host_id | body | string | The ID of the host where the port resides. |
| binding:profile | body | object | A dictionary that enables the application running on the specific host to pass and receive vif port information specific to the networking back-end. The networking API does not define a specific format of this field. |
| binding:vif_details | body | object |
A dictionary which contains additional information on the port.
Currently the following fields are defined:
port_filter
and
ovs_hybrid_plug
.
port_filter
is a boolean indicating the networking service
provides port filtering features such as security group and/or
anti MAC/IP spoofing.
ovs_hybrid_plug
is a boolean used to inform an API consumer
like nova that the hybrid plugging strategy for OVS should be used.
|
| binding:vif_type | body | string |
The type of which mechanism is used for the port.
An API consumer like nova can use this to determine an appropriate way to
attach a device (for example an interface of a virtual server) to the port.
Available values currently defined includes
ovs
,
bridge
,
macvtap
,
hw_veb
,
hostdev_physical
,
vhostuser
,
distributed
and
other
.
There are also special values:
unbound
and
binding_failed
.
unbound
means the port is
not bound to a networking back-end.
binding_failed
means an error
that the port failed to be bound to a networking back-end.
|
| binding:vnic_type | body | string |
The type of vNIC which this port should be attached to. This is used to
determine which mechanism driver(s) to be used to bind the port.
The valid values are
normal
,
macvtap
,
direct
,
baremetal
,
direct-physical
,
virtio-forwarder
and
smart-nic
.
What type of vNIC is actually available depends on deployments.
|
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| data_plane_status | body | string | Status of the underlying data plane of a port. |
| description | body | string | A human-readable description for the resource. |
| device_id | body | string | The ID of the device that uses this port. For example, a server instance or a logical router. |
| device_owner | body | string |
The entity type that uses this port.
For example,
compute:nova
(server instance),
network:dhcp
(DHCP agent) or
network:router_interface
(router interface).
|
| dns_assignment | body | object |
Data assigned to a port by the Networking internal DNS including the
hostname
,
ip_address
and
fqdn
.
|
| dns_domain | body | string | A valid DNS domain. |
| dns_name | body | string | A valid DNS name. |
| extra_dhcp_opts | body | array | A set of zero or more extra DHCP option pairs. An option pair consists of an option value and name. |
| fixed_ips | body | array |
The IP addresses for the port. If the port has multiple IP addresses,
this field has multiple entries. Each entry consists of IP address
(
ip_address
) and the subnet ID from which the IP address
is assigned (
subnet_id
).
|
| id | body | string | The ID of the resource. |
| ip_allocation | body | string |
Indicates when ports use either
deferred
,
immediate
or no IP
allocation (
none
).
|
| mac_address | body | string | The MAC address of the port. |
| name | body | string | Human-readable name of the resource. |
| network_id | body | string | The ID of the attached network. |
| port_security_enabled | body | boolean |
The port security status. A valid value is
enabled (
true
) or disabled (
false
).
If port security is enabled for the port,
security group rules and anti-spoofing rules are applied to
the traffic on the port. If disabled, no such rules are applied.
|
| project_id | body | string | The ID of the project. |
| revision_number | body | integer | The revision number of the resource. |
| qos_policy_id | body | string | The ID of the QoS policy associated with the port. |
| resource_request (Optional) | body | object |
Expose Placement resources (i.e.:
minimum-bandwidth
) and
traits (i.e.:
vnic-type
,
physnet
) requested by a port to
Nova and Placement. A
resource_request
object contains a
required
key for the traits (generated from the
vnic_type
and the
physnet
) required by the port, and a
resources
key
for
ingress
and
egress
minimum-bandwidth
need for the port.
|
| security_groups | body | array | The IDs of security groups applied to the port. |
| status | body | string |
The port status. Values are
ACTIVE
,
DOWN
,
BUILD
and
ERROR
.
|
| tags | body | array | The list of tags on the resource. |
| tenant_id | body | string | The ID of the project. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| uplink_status_propagation | body | boolean |
The uplink status propagation of the port. Valid values are
enabled (
true
) and disabled (
false
).
|
| mac_learning_enabled (Optional) | body | boolean | A boolean value that indicates if MAC Learning is enabled on the associated port. |
{
"port "
:
{
"admin_state_up "
:
true
,
"allowed_address_pairs "
:
[],
"created_at "
:
"2016-03-08T20:19:41 "
,
"data_plane_status "
:
"ACTIVE "
,
"description "
:
""
,
"device_id "
:
"5e3898d7-11be-483e-9732-b2f5eccd2b2e "
,
"device_owner "
:
"network:router_interface "
,
"dns_assignment "
:
{
"hostname "
:
"myport "
,
"ip_address "
:
"10.0.0.1 "
,
"fqdn "
:
"myport.my-domain.org "
},
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myport "
,
"extra_dhcp_opts "
:
[
{
"opt_value "
:
"pxelinux.0 "
,
"ip_version "
:
4
,
"opt_name "
:
"bootfile-name "
}
],
"fixed_ips "
:
[
{
"ip_address "
:
"10.0.0.1 "
,
"subnet_id "
:
"a0304c3a-4f08-4c43-88af-d796509c97d2 "
}
],
"id "
:
"46d4bfb9-b26e-41f3-bd2e-e6dcc1ccedb2 "
,
"ip_allocation "
:
"immediate "
,
"mac_address "
:
"fa:16:3e:23:fd:d7 "
,
"name "
:
""
,
"network_id "
:
"a87cc70a-3e15-4acf-8205-9b711a3531b7 "
,
"port_security_enabled "
:
false
,
"project_id "
:
"7e02058126cc4950b75f9970368ba177 "
,
"revision_number "
:
1
,
"security_groups "
:
[],
"status "
:
"ACTIVE "
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"7e02058126cc4950b75f9970368ba177 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"qos_policy_id "
:
"29d5e02e-d5ab-4929-bee4-4a9fc12e22ae "
,
"uplink_status_propagation "
:
false
}
}
{
"port "
:
{
"admin_state_up "
:
true
,
"allowed_address_pairs "
:
[],
"binding:host_id "
:
"devstack "
,
"binding:profile "
:
{},
"binding:vif_details "
:
{
"ovs_hybrid_plug "
:
true
,
"port_filter "
:
true
},
"binding:vif_type "
:
"ovs "
,
"binding:vnic_type "
:
"normal "
,
"created_at "
:
"2016-03-08T20:19:41 "
,
"data_plane_status "
:
"ACTIVE "
,
"description "
:
""
,
"device_id "
:
"5e3898d7-11be-483e-9732-b2f5eccd2b2e "
,
"device_owner "
:
"network:router_interface "
,
"dns_assignment "
:
{
"hostname "
:
"myport "
,
"ip_address "
:
"10.0.0.1 "
,
"fqdn "
:
"myport.my-domain.org "
},
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myport "
,
"extra_dhcp_opts "
:
[
{
"opt_value "
:
"pxelinux.0 "
,
"ip_version "
:
4
,
"opt_name "
:
"bootfile-name "
}
],
"fixed_ips "
:
[
{
"ip_address "
:
"10.0.0.1 "
,
"subnet_id "
:
"a0304c3a-4f08-4c43-88af-d796509c97d2 "
}
],
"id "
:
"46d4bfb9-b26e-41f3-bd2e-e6dcc1ccedb2 "
,
"ip_allocation "
:
"immediate "
,
"mac_address "
:
"fa:16:3e:23:fd:d7 "
,
"mac_learning_enabled "
:
false
,
"name "
:
""
,
"network_id "
:
"a87cc70a-3e15-4acf-8205-9b711a3531b7 "
,
"port_security_enabled "
:
false
,
"project_id "
:
"7e02058126cc4950b75f9970368ba177 "
,
"revision_number "
:
1
,
"security_groups "
:
[],
"status "
:
"ACTIVE "
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"7e02058126cc4950b75f9970368ba177 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"qos_policy_id "
:
"29d5e02e-d5ab-4929-bee4-4a9fc12e22ae "
,
"resource_request "
:
{
"required "
:
[
"CUSTOM_PHYSNET_PUBLIC "
,
"CUSTOM_VNIC_TYPE_NORMAL "
],
"resources "
:
{
"NET_BW_EGR_KILOBIT_PER_SEC "
:
1000
}
},
"uplink_status_propagation "
:
false
}
}
Updates a port.
You can update information for a port, such as its symbolic name
and associated IPs. When you update IPs for a port, any previously
associated IPs are removed, returned to the respective subnet
allocation pools, and replaced by the IPs in the request body.
Therefore, this operation replaces the
fixed_ip
attribute when
you specify it in the request body. If the updated IP addresses are
not valid or are already in use, the operation fails and the
existing IP addresses are not removed from the port.
When you update security groups for a port and the operation
succeeds, any associated security groups are removed and replaced
by the security groups in the request body. Therefore, this
operation replaces the
security_groups
attribute when you
specify it in the request body. If the security groups are not
valid, the operation fails and the existing security groups are not
removed from the port.
Only admins and users with a specific role can update the data plane status
(default role:
data_plane_integrator
).
Normal response codes: 200
Error response codes: 400, 401, 403, 404, 409, 412
| Name | In | Type | Description |
|---|---|---|---|
| port_id | path | string | The ID of the port. |
| port | body | object |
A
port
object.
|
| admin_state_up (Optional) | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
Default is
true
.
|
| allowed_address_pairs (Optional) | body | array |
A set of zero or more allowed address pair objects each where address pair
object contains an
ip_address
and
mac_address
. While the
ip_address
is required, the
mac_address
will be taken from the
port if not specified. The value of
ip_address
can be an IP Address
or a CIDR (if supported by the underlying extension plugin).
A server connected to the port can send a packet with source address which
matches one of the specified allowed address pairs.
|
| binding:host_id (Optional) | body | string | The ID of the host where the port resides. The default is an empty string. |
| binding:profile (Optional) | body | object | A dictionary that enables the application running on the specific host to pass and receive vif port information specific to the networking back-end. The networking API does not define a specific format of this field. The default is an empty dictionary. |
| binding:vnic_type (Optional) | body | string |
The type of vNIC which this port should be attached to. This is used to
determine which mechanism driver(s) to be used to bind the port.
The valid values are
normal
,
macvtap
,
direct
,
baremetal
,
direct-physical
,
virtio-forwarder
and
smart-nic
.
What type of vNIC is actually available depends on deployments.
The default is
normal
.
|
| data_plane_status (Optional) | body | string | Status of the underlying data plane of a port. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| device_id (Optional) | body | string | The ID of the device that uses this port. For example, a server instance or a logical router. |
| device_owner (Optional) | body | string |
The entity type that uses this port.
For example,
compute:nova
(server instance),
network:dhcp
(DHCP agent) or
network:router_interface
(router interface).
|
| dns_domain (Optional) | body | string | A valid DNS domain. |
| dns_name (Optional) | body | string | A valid DNS name. |
| extra_dhcp_opts (Optional) | body | array | A set of zero or more extra DHCP option pairs. An option pair consists of an option value and name. |
| fixed_ips (Optional) | body | array |
The IP addresses for the port.
If you would like to assign multiple IP addresses for the port,
specify multiple entries in this field.
Each entry consists of IP address (
|
| mac_address (Optional) | body | string | The MAC address of the port. By default, only administrative users and users with advsvc role can change this value. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| port_security_enabled (Optional) | body | boolean |
The port security status. A valid value is
enabled (
true
) or disabled (
false
).
If port security is enabled for the port,
security group rules and anti-spoofing rules are applied to
the traffic on the port. If disabled, no such rules are applied.
|
| qos_policy_id (Optional) | body | string | QoS policy associated with the port. |
| security_groups (Optional) | body | array | The IDs of security groups applied to the port. |
| mac_learning_enabled (Optional) | body | boolean | A boolean value that indicates if MAC Learning is enabled on the associated port. |
{
"port "
:
{
"admin_state_up "
:
true
,
"device_id "
:
"d90a13da-be41-461f-9f99-1dbcf438fdf2 "
,
"device_owner "
:
"compute:nova "
,
"name "
:
"test-for-port-update "
,
"qos_policy_id "
:
"29d5e02e-d5ab-4929-bee4-4a9fc12e22ae "
}
}
{
"port "
:
{
"binding:host_id "
:
"test_for_port_update_host "
,
"device_id "
:
"d90a13da-be41-461f-9f99-1dbcf438fdf2 "
,
"data_plane_status "
:
"DOWN "
,
"device_owner "
:
"compute:nova "
,
"qos_policy_id "
:
"29d5e02e-d5ab-4929-bee4-4a9fc12e22ae "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| port | body | object |
A
port
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| allowed_address_pairs | body | array |
A set of zero or more allowed address pair objects each where address pair
object contains an
ip_address
and
mac_address
. While the
ip_address
is required, the
mac_address
will be taken from the
port if not specified. The value of
ip_address
can be an IP Address
or a CIDR (if supported by the underlying extension plugin).
A server connected to the port can send a packet with source address which
matches one of the specified allowed address pairs.
|
| binding:host_id | body | string | The ID of the host where the port resides. |
| binding:profile | body | object | A dictionary that enables the application running on the specific host to pass and receive vif port information specific to the networking back-end. The networking API does not define a specific format of this field. |
| binding:vif_details | body | object |
A dictionary which contains additional information on the port.
Currently the following fields are defined:
port_filter
and
ovs_hybrid_plug
.
port_filter
is a boolean indicating the networking service
provides port filtering features such as security group and/or
anti MAC/IP spoofing.
ovs_hybrid_plug
is a boolean used to inform an API consumer
like nova that the hybrid plugging strategy for OVS should be used.
|
| binding:vif_type | body | string |
The type of which mechanism is used for the port.
An API consumer like nova can use this to determine an appropriate way to
attach a device (for example an interface of a virtual server) to the port.
Available values currently defined includes
ovs
,
bridge
,
macvtap
,
hw_veb
,
hostdev_physical
,
vhostuser
,
distributed
and
other
.
There are also special values:
unbound
and
binding_failed
.
unbound
means the port is
not bound to a networking back-end.
binding_failed
means an error
that the port failed to be bound to a networking back-end.
|
| binding:vnic_type | body | string |
The type of vNIC which this port should be attached to. This is used to
determine which mechanism driver(s) to be used to bind the port.
The valid values are
normal
,
macvtap
,
direct
,
baremetal
,
direct-physical
,
virtio-forwarder
and
smart-nic
.
What type of vNIC is actually available depends on deployments.
|
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| data_plane_status | body | string | Status of the underlying data plane of a port. |
| description | body | string | A human-readable description for the resource. |
| device_id | body | string | The ID of the device that uses this port. For example, a server instance or a logical router. |
| device_owner | body | string |
The entity type that uses this port.
For example,
compute:nova
(server instance),
network:dhcp
(DHCP agent) or
network:router_interface
(router interface).
|
| dns_assignment | body | object |
Data assigned to a port by the Networking internal DNS including the
hostname
,
ip_address
and
fqdn
.
|
| dns_domain | body | string | A valid DNS domain. |
| dns_name | body | string | A valid DNS name. |
| extra_dhcp_opts | body | array | A set of zero or more extra DHCP option pairs. An option pair consists of an option value and name. |
| fixed_ips | body | array |
The IP addresses for the port. If the port has multiple IP addresses,
this field has multiple entries. Each entry consists of IP address
(
ip_address
) and the subnet ID from which the IP address
is assigned (
subnet_id
).
|
| id | body | string | The ID of the resource. |
| ip_allocation | body | string |
Indicates when ports use either
deferred
,
immediate
or no IP
allocation (
none
).
|
| mac_address | body | string | The MAC address of the port. |
| name | body | string | Human-readable name of the resource. |
| network_id | body | string | The ID of the attached network. |
| port_security_enabled | body | boolean |
The port security status. A valid value is
enabled (
true
) or disabled (
false
).
If port security is enabled for the port,
security group rules and anti-spoofing rules are applied to
the traffic on the port. If disabled, no such rules are applied.
|
| project_id | body | string | The ID of the project. |
| revision_number | body | integer | The revision number of the resource. |
| qos_policy_id | body | string | The ID of the QoS policy associated with the port. |
| resource_request (Optional) | body | object |
Expose Placement resources (i.e.:
minimum-bandwidth
) and
traits (i.e.:
vnic-type
,
physnet
) requested by a port to
Nova and Placement. A
resource_request
object contains a
required
key for the traits (generated from the
vnic_type
and the
physnet
) required by the port, and a
resources
key
for
ingress
and
egress
minimum-bandwidth
need for the port.
|
| security_groups | body | array | The IDs of security groups applied to the port. |
| status | body | string |
The port status. Values are
ACTIVE
,
DOWN
,
BUILD
and
ERROR
.
|
| tags | body | array | The list of tags on the resource. |
| tenant_id | body | string | The ID of the project. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| uplink_status_propagation | body | boolean |
The uplink status propagation of the port. Valid values are
enabled (
true
) and disabled (
false
).
|
| mac_learning_enabled (Optional) | body | boolean | A boolean value that indicates if MAC Learning is enabled on the associated port. |
{
"port "
:
{
"admin_state_up "
:
true
,
"allowed_address_pairs "
:
[],
"binding:host_id "
:
"test_for_port_update_host "
,
"binding:profile "
:
{},
"binding:vif_details "
:
{},
"binding:vif_type "
:
"binding_failed "
,
"binding:vnic_type "
:
"normal "
,
"created_at "
:
"2016-03-08T20:19:41 "
,
"data_plane_status "
:
"ACTIVE "
,
"description "
:
""
,
"device_id "
:
"d90a13da-be41-461f-9f99-1dbcf438fdf2 "
,
"device_owner "
:
"compute:nova "
,
"dns_assignment "
:
{
"hostname "
:
"myport "
,
"ip_address "
:
"20.20.0.4 "
,
"fqdn "
:
"myport.my-domain.org "
},
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myport "
,
"extra_dhcp_opts "
:
[
{
"opt_value "
:
"pxelinux.0 "
,
"ip_version "
:
4
,
"opt_name "
:
"bootfile-name "
}
],
"fixed_ips "
:
[
{
"ip_address "
:
"20.20.0.4 "
,
"subnet_id "
:
"898dec4a-74df-4193-985f-c76721bcc746 "
}
],
"id "
:
"43c831e0-19ce-4a76-9a49-57b57e69428b "
,
"ip_allocation "
:
"immediate "
,
"mac_address "
:
"fa:16:3e:11:11:5e "
,
"name "
:
"test-for-port-update "
,
"network_id "
:
"883fc383-5ea1-4c8b-8916-e1ddb0a9f365 "
,
"project_id "
:
"522eda8d23124b25bf03fe44f1986b74 "
,
"revision_number "
:
1
,
"security_groups "
:
[
"ce0179d6-8a94-4f7c-91c2-f3038e2acbd0 "
],
"status "
:
"DOWN "
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"522eda8d23124b25bf03fe44f1986b74 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"qos_policy_id "
:
"29d5e02e-d5ab-4929-bee4-4a9fc12e22ae "
,
"port_security_enabled "
:
false
,
"uplink_status_propagation "
:
false
}
}
{
"port "
:
{
"admin_state_up "
:
true
,
"allowed_address_pairs "
:
[],
"binding:host_id "
:
"test_for_port_update_host "
,
"binding:profile "
:
{},
"binding:vif_details "
:
{},
"binding:vif_type "
:
"binding_failed "
,
"binding:vnic_type "
:
"normal "
,
"created_at "
:
"2016-03-08T20:19:41 "
,
"data_plane_status "
:
"DOWN "
,
"description "
:
""
,
"device_id "
:
"d90a13da-be41-461f-9f99-1dbcf438fdf2 "
,
"device_owner "
:
"compute:nova "
,
"dns_assignment "
:
{
"hostname "
:
"myport "
,
"ip_address "
:
"20.20.0.4 "
,
"fqdn "
:
"myport.my-domain.org "
},
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myport "
,
"extra_dhcp_opts "
:
[
{
"opt_value "
:
"pxelinux.0 "
,
"ip_version "
:
4
,
"opt_name "
:
"bootfile-name "
}
],
"fixed_ips "
:
[
{
"ip_address "
:
"20.20.0.4 "
,
"subnet_id "
:
"898dec4a-74df-4193-985f-c76721bcc746 "
}
],
"id "
:
"43c831e0-19ce-4a76-9a49-57b57e69428b "
,
"ip_allocation "
:
"immediate "
,
"mac_address "
:
"fa:16:3e:11:11:5e "
,
"name "
:
"test-for-port-update "
,
"network_id "
:
"883fc383-5ea1-4c8b-8916-e1ddb0a9f365 "
,
"project_id "
:
"522eda8d23124b25bf03fe44f1986b74 "
,
"revision_number "
:
2
,
"security_groups "
:
[
"ce0179d6-8a94-4f7c-91c2-f3038e2acbd0 "
],
"status "
:
"DOWN "
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"522eda8d23124b25bf03fe44f1986b74 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"qos_policy_id "
:
"29d5e02e-d5ab-4929-bee4-4a9fc12e22ae "
,
"port_security_enabled "
:
false
,
"resource_request "
:
{
"required "
:
[
"CUSTOM_PHYSNET_PUBLIC "
,
"CUSTOM_VNIC_TYPE_NORMAL "
],
"resources "
:
{
"NET_BW_EGR_KILOBIT_PER_SEC "
:
1000
}
},
"uplink_status_propagation "
:
false
}
}
Deletes a port.
Any IP addresses that are associated with the port are returned to the respective subnets allocation pools.
Normal response codes: 204
Error response codes: 401, 403, 404, 412
| Name | In | Type | Description |
|---|---|---|---|
| port_id | path | string | The ID of the port. |
There is no body content for the response of a successful DELETE request.
Lists ports to which the user has access.
Default policy settings return only those ports that are owned by the project of the user who submits the request, unless the request is submitted by a user with administrative rights.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
If the
ip-substring-filtering
extension is enabled, the Neutron API
supports IP address substring filtering on the
fixed_ips
attribute.
If you specify an IP address substring (
ip_address_substr
) in
an entry of the
fixed_ips
attribute, the Neutron API will list all
ports that have an IP address matching the substring.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| admin_state_up (Optional) | query | boolean |
Filter the list result by the administrative state of the resource,
which is up (
true
) or down (
false
).
|
| binding:host_id (Optional) | query | string | Filter the port list result by the ID of the host where the port resides. |
| description (Optional) | query | string | Filter the list result by the human-readable description of the resource. |
| device_id (Optional) | query | string | Filter the port list result by the ID of the device that uses this port. For example, a server instance or a logical router. |
| device_owner (Optional) | query | string |
Filter the port result list by the entity type that uses this port.
For example,
compute:nova
(server instance),
network:dhcp
(DHCP agent) or
network:router_interface
(router interface).
|
| fixed_ips (Optional) | query | array |
Filter the port list result by the IP addresses for the port.
This field has one or multiple entries.
Each entry consists of IP address (
ip_address
), IP address substring
(
ip_address_substr
) and/or the subnet ID from which
the IP address is assigned (
subnet_id
).
|
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| ip_allocation (Optional) | query | string |
Filter the port list result based on if the ports use
deferred
,
immediate
or no IP allocation (
none
).
|
| mac_address (Optional) | query | string | Filter the port list result by the MAC address of the port. |
| name (Optional) | query | string | Filter the list result by the human-readable name of the resource. |
| network_id (Optional) | query | string | Filter the list result by the ID of the attached network. |
| project_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| revision_number (Optional) | query | integer | Filter the list result by the revision number of the resource. |
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a port attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| status (Optional) | query | string |
Filter the port list result by the port status.
Values are
ACTIVE
,
DOWN
,
BUILD
and
ERROR
.
|
| tenant_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| tags (Optional) | query | string | A list of tags to filter the list result by. Resources that match all tags in this list will be returned. Tags in query must be separated by comma. |
| tags-any (Optional) | query | string | A list of tags to filter the list result by. Resources that match any tag in this list will be returned. Tags in query must be separated by comma. |
| not-tags (Optional) | query | string | A list of tags to filter the list result by. Resources that match all tags in this list will be excluded. Tags in query must be separated by comma. |
| not-tags-any (Optional) | query | string | A list of tags to filter the list result by. Resources that match any tag in this list will be excluded. Tags in query must be separated by comma. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| mac_learning_enabled (Optional) | query | boolean |
Filter the list result by the mac_learning_enabled state of the resource,
which is enabled (
true
) or disabled (
false
).
|
| Name | In | Type | Description |
|---|---|---|---|
| ports | body | array |
A list of
port
objects.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| allowed_address_pairs | body | array |
A set of zero or more allowed address pair objects each where address pair
object contains an
ip_address
and
mac_address
. While the
ip_address
is required, the
mac_address
will be taken from the
port if not specified. The value of
ip_address
can be an IP Address
or a CIDR (if supported by the underlying extension plugin).
A server connected to the port can send a packet with source address which
matches one of the specified allowed address pairs.
|
| binding:host_id | body | string | The ID of the host where the port resides. |
| binding:profile | body | object | A dictionary that enables the application running on the specific host to pass and receive vif port information specific to the networking back-end. The networking API does not define a specific format of this field. |
| binding:vif_details | body | object |
A dictionary which contains additional information on the port.
Currently the following fields are defined:
port_filter
and
ovs_hybrid_plug
.
port_filter
is a boolean indicating the networking service
provides port filtering features such as security group and/or
anti MAC/IP spoofing.
ovs_hybrid_plug
is a boolean used to inform an API consumer
like nova that the hybrid plugging strategy for OVS should be used.
|
| binding:vif_type | body | string |
The type of which mechanism is used for the port.
An API consumer like nova can use this to determine an appropriate way to
attach a device (for example an interface of a virtual server) to the port.
Available values currently defined includes
ovs
,
bridge
,
macvtap
,
hw_veb
,
hostdev_physical
,
vhostuser
,
distributed
and
other
.
There are also special values:
unbound
and
binding_failed
.
unbound
means the port is
not bound to a networking back-end.
binding_failed
means an error
that the port failed to be bound to a networking back-end.
|
| binding:vnic_type | body | string |
The type of vNIC which this port should be attached to. This is used to
determine which mechanism driver(s) to be used to bind the port.
The valid values are
normal
,
macvtap
,
direct
,
baremetal
,
direct-physical
,
virtio-forwarder
and
smart-nic
.
What type of vNIC is actually available depends on deployments.
|
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| data_plane_status | body | string | Status of the underlying data plane of a port. |
| description | body | string | A human-readable description for the resource. |
| device_id | body | string | The ID of the device that uses this port. For example, a server instance or a logical router. |
| device_owner | body | string |
The entity type that uses this port.
For example,
compute:nova
(server instance),
network:dhcp
(DHCP agent) or
network:router_interface
(router interface).
|
| dns_assignment | body | object |
Data assigned to a port by the Networking internal DNS including the
hostname
,
ip_address
and
fqdn
.
|
| dns_domain | body | string | A valid DNS domain. |
| dns_name | body | string | A valid DNS name. |
| extra_dhcp_opts | body | array | A set of zero or more extra DHCP option pairs. An option pair consists of an option value and name. |
| fixed_ips | body | array |
The IP addresses for the port. If the port has multiple IP addresses,
this field has multiple entries. Each entry consists of IP address
(
ip_address
) and the subnet ID from which the IP address
is assigned (
subnet_id
).
|
| id | body | string | The ID of the resource. |
| ip_allocation | body | string |
Indicates when ports use either
deferred
,
immediate
or no IP
allocation (
none
).
|
| mac_address | body | string | The MAC address of the port. |
| name | body | string | Human-readable name of the resource. |
| network_id | body | string | The ID of the attached network. |
| port_security_enabled | body | boolean |
The port security status. A valid value is
enabled (
true
) or disabled (
false
).
If port security is enabled for the port,
security group rules and anti-spoofing rules are applied to
the traffic on the port. If disabled, no such rules are applied.
|
| project_id | body | string | The ID of the project. |
| revision_number | body | integer | The revision number of the resource. |
| qos_policy_id | body | string | The ID of the QoS policy associated with the port. |
| resource_request (Optional) | body | object |
Expose Placement resources (i.e.:
minimum-bandwidth
) and
traits (i.e.:
vnic-type
,
physnet
) requested by a port to
Nova and Placement. A
resource_request
object contains a
required
key for the traits (generated from the
vnic_type
and the
physnet
) required by the port, and a
resources
key
for
ingress
and
egress
minimum-bandwidth
need for the port.
|
| security_groups | body | array | The IDs of security groups applied to the port. |
| status | body | string |
The port status. Values are
ACTIVE
,
DOWN
,
BUILD
and
ERROR
.
|
| tags | body | array | The list of tags on the resource. |
| tenant_id | body | string | The ID of the project. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| uplink_status_propagation | body | boolean |
The uplink status propagation of the port. Valid values are
enabled (
true
) and disabled (
false
).
|
| mac_learning_enabled (Optional) | body | boolean | A boolean value that indicates if MAC Learning is enabled on the associated port. |
{
"ports "
:
[
{
"admin_state_up "
:
true
,
"allowed_address_pairs "
:
[],
"created_at "
:
"2016-03-08T20:19:41 "
,
"data_plane_status "
:
null
,
"description "
:
""
,
"device_id "
:
"9ae135f4-b6e0-4dad-9e91-3c223e385824 "
,
"device_owner "
:
"network:router_gateway "
,
"dns_assignment "
:
{
"hostname "
:
"myport "
,
"ip_address "
:
"172.24.4.2 "
,
"fqdn "
:
"myport.my-domain.org "
},
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myport "
,
"extra_dhcp_opts "
:
[
{
"opt_value "
:
"pxelinux.0 "
,
"ip_version "
:
4
,
"opt_name "
:
"bootfile-name "
}
],
"fixed_ips "
:
[
{
"ip_address "
:
"172.24.4.2 "
,
"subnet_id "
:
"008ba151-0b8c-4a67-98b5-0d2b87666062 "
}
],
"id "
:
"d80b1a3b-4fc1-49f3-952e-1e2ab7081d8b "
,
"ip_allocation "
:
"immediate "
,
"mac_address "
:
"fa:16:3e:58:42:ed "
,
"name "
:
""
,
"network_id "
:
"70c1db1f-b701-45bd-96e0-a313ee3430b3 "
,
"project_id "
:
""
,
"revision_number "
:
1
,
"security_groups "
:
[],
"status "
:
"ACTIVE "
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
""
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"qos_policy_id "
:
"29d5e02e-d5ab-4929-bee4-4a9fc12e22ae "
,
"port_security_enabled "
:
false
,
"uplink_status_propagation "
:
false
},
{
"admin_state_up "
:
true
,
"allowed_address_pairs "
:
[],
"created_at "
:
"2016-03-08T20:19:41 "
,
"data_plane_status "
:
null
,
"description "
:
""
,
"device_id "
:
"9ae135f4-b6e0-4dad-9e91-3c223e385824 "
,
"device_owner "
:
"network:router_interface "
,
"dns_assignment "
:
{
"hostname "
:
"myport2 "
,
"ip_address "
:
"10.0.0.1 "
,
"fqdn "
:
"myport2.my-domain.org "
},
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myport2 "
,
"extra_dhcp_opts "
:
[
{
"opt_value "
:
"pxelinux.0 "
,
"ip_version "
:
4
,
"opt_name "
:
"bootfile-name "
}
],
"fixed_ips "
:
[
{
"ip_address "
:
"10.0.0.1 "
,
"subnet_id "
:
"288bf4a1-51ba-43b6-9d0a-520e9005db17 "
}
],
"id "
:
"f71a6703-d6de-4be1-a91a-a570ede1d159 "
,
"ip_allocation "
:
"immediate "
,
"mac_address "
:
"fa:16:3e:bb:3c:e4 "
,
"name "
:
""
,
"network_id "
:
"f27aa545-cbdd-4907-b0c6-c9e8b039dcc2 "
,
"project_id "
:
"d397de8a63f341818f198abb0966f6f3 "
,
"revision_number "
:
1
,
"security_groups "
:
[],
"status "
:
"ACTIVE "
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"d397de8a63f341818f198abb0966f6f3 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"qos_policy_id "
:
null
,
"port_security_enabled "
:
false
,
"uplink_status_propagation "
:
false
}
]
}
{
"ports "
:
[
{
"admin_state_up "
:
true
,
"allowed_address_pairs "
:
[],
"binding:host_id "
:
"devstack "
,
"binding:profile "
:
{},
"binding:vif_details "
:
{
"ovs_hybrid_plug "
:
true
,
"port_filter "
:
true
},
"binding:vif_type "
:
"ovs "
,
"binding:vnic_type "
:
"normal "
,
"created_at "
:
"2016-03-08T20:19:41 "
,
"data_plane_status "
:
null
,
"description "
:
""
,
"device_id "
:
"9ae135f4-b6e0-4dad-9e91-3c223e385824 "
,
"device_owner "
:
"network:router_gateway "
,
"dns_assignment "
:
{
"hostname "
:
"myport "
,
"ip_address "
:
"172.24.4.2 "
,
"fqdn "
:
"myport.my-domain.org "
},
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myport "
,
"extra_dhcp_opts "
:
[],
"fixed_ips "
:
[
{
"ip_address "
:
"172.24.4.2 "
,
"subnet_id "
:
"008ba151-0b8c-4a67-98b5-0d2b87666062 "
}
],
"id "
:
"d80b1a3b-4fc1-49f3-952e-1e2ab7081d8b "
,
"ip_allocation "
:
"immediate "
,
"mac_address "
:
"fa:16:3e:58:42:ed "
,
"name "
:
""
,
"network_id "
:
"70c1db1f-b701-45bd-96e0-a313ee3430b3 "
,
"port_security_enabled "
:
true
,
"project_id "
:
""
,
"revision_number "
:
1
,
"security_groups "
:
[],
"status "
:
"ACTIVE "
,
"tenant_id "
:
""
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"qos_policy_id "
:
"29d5e02e-d5ab-4929-bee4-4a9fc12e22ae "
,
"resource_request "
:
{
"required "
:
[
"CUSTOM_PHYSNET_PUBLIC "
,
"CUSTOM_VNIC_TYPE_NORMAL "
],
"resources "
:
{
"NET_BW_EGR_KILOBIT_PER_SEC "
:
1000
}
},
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
""
,
"uplink_status_propagation "
:
false
},
{
"admin_state_up "
:
true
,
"allowed_address_pairs "
:
[],
"binding:host_id "
:
"devstack "
,
"binding:profile "
:
{},
"binding:vif_details "
:
{
"ovs_hybrid_plug "
:
true
,
"port_filter "
:
true
},
"binding:vif_type "
:
"ovs "
,
"binding:vnic_type "
:
"normal "
,
"created_at "
:
"2016-03-08T20:19:41 "
,
"data_plane_status "
:
null
,
"description "
:
""
,
"device_id "
:
"9ae135f4-b6e0-4dad-9e91-3c223e385824 "
,
"device_owner "
:
"network:router_interface "
,
"dns_assignment "
:
{
"hostname "
:
"myport2 "
,
"ip_address "
:
"10.0.0.1 "
,
"fqdn "
:
"myport2.my-domain.org "
},
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myport2 "
,
"extra_dhcp_opts "
:
[],
"fixed_ips "
:
[
{
"ip_address "
:
"10.0.0.1 "
,
"subnet_id "
:
"288bf4a1-51ba-43b6-9d0a-520e9005db17 "
}
],
"id "
:
"f71a6703-d6de-4be1-a91a-a570ede1d159 "
,
"ip_allocation "
:
"immediate "
,
"mac_address "
:
"fa:16:3e:bb:3c:e4 "
,
"name "
:
""
,
"network_id "
:
"f27aa545-cbdd-4907-b0c6-c9e8b039dcc2 "
,
"port_security_enabled "
:
true
,
"project_id "
:
"d397de8a63f341818f198abb0966f6f3 "
,
"revision_number "
:
2
,
"security_groups "
:
[],
"status "
:
"ACTIVE "
,
"tenant_id "
:
"d397de8a63f341818f198abb0966f6f3 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"qos_policy_id "
:
null
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"d397de8a63f341818f198abb0966f6f3 "
,
"uplink_status_propagation "
:
false
}
]
}
Creates a port on a network.
To define the network in which to create the port, specify the
network_id
attribute in the request body.
Normal response codes: 201
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| port | body | object |
A
port
object.
|
| admin_state_up (Optional) | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
Default is
true
.
|
| allowed_address_pairs (Optional) | body | array |
A set of zero or more allowed address pair objects each where address pair
object contains an
ip_address
and
mac_address
. While the
ip_address
is required, the
mac_address
will be taken from the
port if not specified. The value of
ip_address
can be an IP Address
or a CIDR (if supported by the underlying extension plugin).
A server connected to the port can send a packet with source address which
matches one of the specified allowed address pairs.
|
| binding:host_id (Optional) | body | string | The ID of the host where the port resides. The default is an empty string. |
| binding:profile (Optional) | body | object | A dictionary that enables the application running on the specific host to pass and receive vif port information specific to the networking back-end. The networking API does not define a specific format of this field. The default is an empty dictionary. |
| binding:vnic_type (Optional) | body | string |
The type of vNIC which this port should be attached to. This is used to
determine which mechanism driver(s) to be used to bind the port.
The valid values are
normal
,
macvtap
,
direct
,
baremetal
,
direct-physical
,
virtio-forwarder
and
smart-nic
.
What type of vNIC is actually available depends on deployments.
The default is
normal
.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| device_id (Optional) | body | string | The ID of the device that uses this port. For example, a server instance or a logical router. |
| device_owner (Optional) | body | string |
The entity type that uses this port.
For example,
compute:nova
(server instance),
network:dhcp
(DHCP agent) or
network:router_interface
(router interface).
|
| dns_domain (Optional) | body | string | A valid DNS domain. |
| dns_name (Optional) | body | string | A valid DNS name. |
| extra_dhcp_opts (Optional) | body | array | A set of zero or more extra DHCP option pairs. An option pair consists of an option value and name. |
| fixed_ips (Optional) | body | array |
The IP addresses for the port.
If you would like to assign multiple IP addresses for the port,
specify multiple entries in this field.
Each entry consists of IP address (
|
| mac_address (Optional) | body | string | The MAC address of the port. If unspecified, a MAC address is automatically generated. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| network_id | body | string | The ID of the attached network. |
| port_security_enabled (Optional) | body | boolean |
The port security status. A valid value is
enabled (
true
) or disabled (
false
).
If port security is enabled for the port,
security group rules and anti-spoofing rules are applied to
the traffic on the port. If disabled, no such rules are applied.
|
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| qos_policy_id (Optional) | body | string | QoS policy associated with the port. |
| security_groups (Optional) | body | array | The IDs of security groups applied to the port. |
| tags | body | array | The list of tags on the resource. |
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| uplink_status_propagation (Optional) | body | boolean |
The uplink status propagation of the port. Valid values are
enabled (
true
) and disabled (
false
).
|
| mac_learning_enabled (Optional) | body | boolean | A boolean value that indicates if MAC Learning is enabled on the associated port. |
{
"port "
:
{
"admin_state_up "
:
true
,
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myport "
,
"name "
:
"private-port "
,
"network_id "
:
"a87cc70a-3e15-4acf-8205-9b711a3531b7 "
,
"qos_policy_id "
:
"29d5e02e-d5ab-4929-bee4-4a9fc12e22ae "
,
"port_security_enabled "
:
true
,
"allowed_address_pairs "
:
[
{
"ip_address "
:
"12.12.11.12 "
,
"mac_address "
:
"fa:14:2a:b3:cb:f0 "
}
],
"uplink_status_propagation "
:
false
}
}
{
"port "
:
{
"binding:host_id "
:
"4df8d9ff-6f6f-438f-90a1-ef660d4586ad "
,
"binding:profile "
:
{
"local_link_information "
:
[
{
"port_id "
:
"Ethernet3/1 "
,
"switch_id "
:
"0a:1b:2c:3d:4e:5f "
,
"switch_info "
:
"switch1 "
}
]
},
"binding:vnic_type "
:
"baremetal "
,
"device_id "
:
"d90a13da-be41-461f-9f99-1dbcf438fdf2 "
,
"device_owner "
:
"baremetal:none "
,
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myport "
,
"qos_policy_id "
:
"29d5e02e-d5ab-4929-bee4-4a9fc12e22ae "
,
"uplink_status_propagation "
:
false
}
}
| Name | In | Type | Description |
|---|---|---|---|
| port | body | object |
A
port
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| allowed_address_pairs | body | array |
A set of zero or more allowed address pair objects each where address pair
object contains an
ip_address
and
mac_address
. While the
ip_address
is required, the
mac_address
will be taken from the
port if not specified. The value of
ip_address
can be an IP Address
or a CIDR (if supported by the underlying extension plugin).
A server connected to the port can send a packet with source address which
matches one of the specified allowed address pairs.
|
| binding:host_id | body | string | The ID of the host where the port resides. |
| binding:profile | body | object | A dictionary that enables the application running on the specific host to pass and receive vif port information specific to the networking back-end. The networking API does not define a specific format of this field. |
| binding:vif_details | body | object |
A dictionary which contains additional information on the port.
Currently the following fields are defined:
port_filter
and
ovs_hybrid_plug
.
port_filter
is a boolean indicating the networking service
provides port filtering features such as security group and/or
anti MAC/IP spoofing.
ovs_hybrid_plug
is a boolean used to inform an API consumer
like nova that the hybrid plugging strategy for OVS should be used.
|
| binding:vif_type | body | string |
The type of which mechanism is used for the port.
An API consumer like nova can use this to determine an appropriate way to
attach a device (for example an interface of a virtual server) to the port.
Available values currently defined includes
ovs
,
bridge
,
macvtap
,
hw_veb
,
hostdev_physical
,
vhostuser
,
distributed
and
other
.
There are also special values:
unbound
and
binding_failed
.
unbound
means the port is
not bound to a networking back-end.
binding_failed
means an error
that the port failed to be bound to a networking back-end.
|
| binding:vnic_type | body | string |
The type of vNIC which this port should be attached to. This is used to
determine which mechanism driver(s) to be used to bind the port.
The valid values are
normal
,
macvtap
,
direct
,
baremetal
,
direct-physical
,
virtio-forwarder
and
smart-nic
.
What type of vNIC is actually available depends on deployments.
|
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| data_plane_status | body | string | Status of the underlying data plane of a port. |
| description | body | string | A human-readable description for the resource. |
| device_id | body | string | The ID of the device that uses this port. For example, a server instance or a logical router. |
| device_owner | body | string |
The entity type that uses this port.
For example,
compute:nova
(server instance),
network:dhcp
(DHCP agent) or
network:router_interface
(router interface).
|
| dns_assignment | body | object |
Data assigned to a port by the Networking internal DNS including the
hostname
,
ip_address
and
fqdn
.
|
| dns_domain | body | string | A valid DNS domain. |
| dns_name | body | string | A valid DNS name. |
| extra_dhcp_opts | body | array | A set of zero or more extra DHCP option pairs. An option pair consists of an option value and name. |
| fixed_ips | body | array |
The IP addresses for the port. If the port has multiple IP addresses,
this field has multiple entries. Each entry consists of IP address
(
ip_address
) and the subnet ID from which the IP address
is assigned (
subnet_id
).
|
| id | body | string | The ID of the resource. |
| ip_allocation | body | string |
Indicates when ports use either
deferred
,
immediate
or no IP
allocation (
none
).
|
| mac_address | body | string | The MAC address of the port. |
| name | body | string | Human-readable name of the resource. |
| network_id | body | string | The ID of the attached network. |
| port_security_enabled | body | boolean |
The port security status. A valid value is
enabled (
true
) or disabled (
false
).
If port security is enabled for the port,
security group rules and anti-spoofing rules are applied to
the traffic on the port. If disabled, no such rules are applied.
|
| project_id | body | string | The ID of the project. |
| revision_number | body | integer | The revision number of the resource. |
| qos_policy_id | body | string | The ID of the QoS policy associated with the port. |
| resource_request (Optional) | body | object |
Expose Placement resources (i.e.:
minimum-bandwidth
) and
traits (i.e.:
vnic-type
,
physnet
) requested by a port to
Nova and Placement. A
resource_request
object contains a
required
key for the traits (generated from the
vnic_type
and the
physnet
) required by the port, and a
resources
key
for
ingress
and
egress
minimum-bandwidth
need for the port.
|
| security_groups | body | array | The IDs of security groups applied to the port. |
| status | body | string |
The port status. Values are
ACTIVE
,
DOWN
,
BUILD
and
ERROR
.
|
| tags | body | array | The list of tags on the resource. |
| tenant_id | body | string | The ID of the project. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| uplink_status_propagation | body | boolean |
The uplink status propagation of the port. Valid values are
enabled (
true
) and disabled (
false
).
|
| mac_learning_enabled (Optional) | body | boolean | A boolean value that indicates if MAC Learning is enabled on the associated port. |
{
"port "
:
{
"admin_state_up "
:
true
,
"allowed_address_pairs "
:
[
{
"ip_address "
:
"12.12.11.12 "
,
"mac_address "
:
"fa:14:2a:b3:cb:f0 "
}
],
"created_at "
:
"2016-03-08T20:19:41 "
,
"data_plane_status "
:
null
,
"description "
:
""
,
"device_id "
:
""
,
"device_owner "
:
""
,
"dns_assignment "
:
{
"hostname "
:
"myport "
,
"ip_address "
:
"10.0.0.2 "
,
"fqdn "
:
"myport.my-domain.org "
},
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myport "
,
"extra_dhcp_opts "
:
[
{
"opt_value "
:
"pxelinux.0 "
,
"ip_version "
:
4
,
"opt_name "
:
"bootfile-name "
}
],
"fixed_ips "
:
[
{
"ip_address "
:
"10.0.0.2 "
,
"subnet_id "
:
"a0304c3a-4f08-4c43-88af-d796509c97d2 "
}
],
"id "
:
"65c0ee9f-d634-4522-8954-51021b570b0d "
,
"ip_allocation "
:
"immediate "
,
"mac_address "
:
"fa:16:3e:c9:cb:f0 "
,
"name "
:
"private-port "
,
"network_id "
:
"a87cc70a-3e15-4acf-8205-9b711a3531b7 "
,
"port_security_enabled "
:
true
,
"project_id "
:
"d6700c0c9ffa4f1cb322cd4a1f3906fa "
,
"revision_number "
:
1
,
"security_groups "
:
[
"f0ac4394-7e4a-4409-9701-ba8be283dbc3 "
],
"status "
:
"DOWN "
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"d6700c0c9ffa4f1cb322cd4a1f3906fa "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"qos_policy_id "
:
"29d5e02e-d5ab-4929-bee4-4a9fc12e22ae "
,
"uplink_status_propagation "
:
false
}
}
{
"port "
:
{
"admin_state_up "
:
true
,
"allowed_address_pairs "
:
[
{
"ip_address "
:
"12.12.11.12 "
,
"mac_address "
:
"fa:14:2a:b3:cb:f0 "
}
],
"binding:host_id "
:
"4df8d9ff-6f6f-438f-90a1-ef660d4586ad "
,
"binding:profile "
:
{
"local_link_information "
:
[
{
"port_id "
:
"Ethernet3/1 "
,
"switch_id "
:
"0a:1b:2c:3d:4e:5f "
,
"switch_info "
:
"switch1 "
}
]
},
"binding:vif_details "
:
{},
"binding:vif_type "
:
"unbound "
,
"binding:vnic_type "
:
"other "
,
"created_at "
:
"2016-03-08T20:19:41 "
,
"data_plane_status "
:
null
,
"description "
:
""
,
"device_id "
:
"d90a13da-be41-461f-9f99-1dbcf438fdf2 "
,
"device_owner "
:
"baremetal:none "
,
"dns_assignment "
:
{
"hostname "
:
"myport "
,
"ip_address "
:
"10.0.0.2 "
,
"fqdn "
:
"myport.my-domain.org "
},
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myport "
,
"extra_dhcp_opts "
:
[
{
"opt_value "
:
"pxelinux.0 "
,
"ip_version "
:
4
,
"opt_name "
:
"bootfile-name "
}
],
"fixed_ips "
:
[
{
"ip_address "
:
"10.0.0.2 "
,
"subnet_id "
:
"a0304c3a-4f08-4c43-88af-d796509c97d2 "
}
],
"id "
:
"65c0ee9f-d634-4522-8954-51021b570b0d "
,
"ip_allocation "
:
"immediate "
,
"mac_address "
:
"fa:16:3e:c9:cb:f0 "
,
"name "
:
"private-port "
,
"network_id "
:
"a87cc70a-3e15-4acf-8205-9b711a3531b7 "
,
"project_id "
:
"d6700c0c9ffa4f1cb322cd4a1f3906fa "
,
"revision_number "
:
1
,
"security_groups "
:
[
"f0ac4394-7e4a-4409-9701-ba8be283dbc3 "
],
"status "
:
"DOWN "
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"d6700c0c9ffa4f1cb322cd4a1f3906fa "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"qos_policy_id "
:
"29d5e02e-d5ab-4929-bee4-4a9fc12e22ae "
,
"port_security_enabled "
:
true
,
"resource_request "
:
{
"required "
:
[
"CUSTOM_PHYSNET_PUBLIC "
,
"CUSTOM_VNIC_TYPE_NORMAL "
],
"resources "
:
{
"NET_BW_EGR_KILOBIT_PER_SEC "
:
1000
}
},
"uplink_status_propagation "
:
false
}
}
Creates multiple ports in a single request. Specify a list of ports in the request body.
Guarantees the atomic completion of the bulk operation.
Normal response codes: 201
Error response codes: 400, 401, 403, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| ports | body | array |
A list of
port
objects.
|
| admin_state_up (Optional) | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
Default is
true
.
|
| allowed_address_pairs (Optional) | body | array |
A set of zero or more allowed address pair objects each where address pair
object contains an
ip_address
and
mac_address
. While the
ip_address
is required, the
mac_address
will be taken from the
port if not specified. The value of
ip_address
can be an IP Address
or a CIDR (if supported by the underlying extension plugin).
A server connected to the port can send a packet with source address which
matches one of the specified allowed address pairs.
|
| binding:host_id (Optional) | body | string | The ID of the host where the port resides. The default is an empty string. |
| binding:profile (Optional) | body | object | A dictionary that enables the application running on the specific host to pass and receive vif port information specific to the networking back-end. The networking API does not define a specific format of this field. The default is an empty dictionary. |
| binding:vnic_type (Optional) | body | string |
The type of vNIC which this port should be attached to. This is used to
determine which mechanism driver(s) to be used to bind the port.
The valid values are
normal
,
macvtap
,
direct
,
baremetal
,
direct-physical
,
virtio-forwarder
and
smart-nic
.
What type of vNIC is actually available depends on deployments.
The default is
normal
.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| device_id (Optional) | body | string | The ID of the device that uses this port. For example, a server instance or a logical router. |
| device_owner (Optional) | body | string |
The entity type that uses this port.
For example,
compute:nova
(server instance),
network:dhcp
(DHCP agent) or
network:router_interface
(router interface).
|
| dns_domain (Optional) | body | string | A valid DNS domain. |
| dns_name (Optional) | body | string | A valid DNS name. |
| extra_dhcp_opts (Optional) | body | array | A set of zero or more extra DHCP option pairs. An option pair consists of an option value and name. |
| fixed_ips (Optional) | body | array |
The IP addresses for the port.
If you would like to assign multiple IP addresses for the port,
specify multiple entries in this field.
Each entry consists of IP address (
|
| mac_address (Optional) | body | string | The MAC address of the port. If unspecified, a MAC address is automatically generated. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| network_id | body | string | The ID of the attached network. |
| port_security_enabled (Optional) | body | boolean |
The port security status. A valid value is
enabled (
true
) or disabled (
false
).
If port security is enabled for the port,
security group rules and anti-spoofing rules are applied to
the traffic on the port. If disabled, no such rules are applied.
|
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| qos_policy_id (Optional) | body | string | QoS policy associated with the port. |
| security_groups (Optional) | body | array | The IDs of security groups applied to the port. |
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| uplink_status_propagation (Optional) | body | boolean |
The uplink status propagation of the port. Valid values are
enabled (
true
) and disabled (
false
).
|
| mac_learning_enabled (Optional) | body | boolean | A boolean value that indicates if MAC Learning is enabled on the associated port. |
{
"ports "
:
[
{
"admin_state_up "
:
false
,
"name "
:
"sample_port_1 "
,
"network_id "
:
"a87cc70a-3e15-4acf-8205-9b711a3531b7 "
,
"qos_policy_id "
:
"29d5e02e-d5ab-4929-bee4-4a9fc12e22ae "
},
{
"admin_state_up "
:
false
,
"name "
:
"sample_port_2 "
,
"network_id "
:
"a87cc70a-3e15-4acf-8205-9b711a3531b7 "
}
]
}
| Name | In | Type | Description |
|---|---|---|---|
| ports | body | array |
A list of
port
objects.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| allowed_address_pairs | body | array |
A set of zero or more allowed address pair objects each where address pair
object contains an
ip_address
and
mac_address
. While the
ip_address
is required, the
mac_address
will be taken from the
port if not specified. The value of
ip_address
can be an IP Address
or a CIDR (if supported by the underlying extension plugin).
A server connected to the port can send a packet with source address which
matches one of the specified allowed address pairs.
|
| binding:host_id | body | string | The ID of the host where the port resides. |
| binding:profile | body | object | A dictionary that enables the application running on the specific host to pass and receive vif port information specific to the networking back-end. The networking API does not define a specific format of this field. |
| binding:vif_details | body | object |
A dictionary which contains additional information on the port.
Currently the following fields are defined:
port_filter
and
ovs_hybrid_plug
.
port_filter
is a boolean indicating the networking service
provides port filtering features such as security group and/or
anti MAC/IP spoofing.
ovs_hybrid_plug
is a boolean used to inform an API consumer
like nova that the hybrid plugging strategy for OVS should be used.
|
| binding:vif_type | body | string |
The type of which mechanism is used for the port.
An API consumer like nova can use this to determine an appropriate way to
attach a device (for example an interface of a virtual server) to the port.
Available values currently defined includes
ovs
,
bridge
,
macvtap
,
hw_veb
,
hostdev_physical
,
vhostuser
,
distributed
and
other
.
There are also special values:
unbound
and
binding_failed
.
unbound
means the port is
not bound to a networking back-end.
binding_failed
means an error
that the port failed to be bound to a networking back-end.
|
| binding:vnic_type | body | string |
The type of vNIC which this port should be attached to. This is used to
determine which mechanism driver(s) to be used to bind the port.
The valid values are
normal
,
macvtap
,
direct
,
baremetal
,
direct-physical
,
virtio-forwarder
and
smart-nic
.
What type of vNIC is actually available depends on deployments.
|
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| data_plane_status | body | string | Status of the underlying data plane of a port. |
| description | body | string | A human-readable description for the resource. |
| device_id | body | string | The ID of the device that uses this port. For example, a server instance or a logical router. |
| device_owner | body | string |
The entity type that uses this port.
For example,
compute:nova
(server instance),
network:dhcp
(DHCP agent) or
network:router_interface
(router interface).
|
| dns_assignment | body | object |
Data assigned to a port by the Networking internal DNS including the
hostname
,
ip_address
and
fqdn
.
|
| dns_domain | body | string | A valid DNS domain. |
| dns_name | body | string | A valid DNS name. |
| extra_dhcp_opts | body | array | A set of zero or more extra DHCP option pairs. An option pair consists of an option value and name. |
| fixed_ips | body | array |
The IP addresses for the port. If the port has multiple IP addresses,
this field has multiple entries. Each entry consists of IP address
(
ip_address
) and the subnet ID from which the IP address
is assigned (
subnet_id
).
|
| id | body | string | The ID of the resource. |
| ip_allocation | body | string |
Indicates when ports use either
deferred
,
immediate
or no IP
allocation (
none
).
|
| mac_address | body | string | The MAC address of the port. |
| name | body | string | Human-readable name of the resource. |
| network_id | body | string | The ID of the attached network. |
| port_security_enabled | body | boolean |
The port security status. A valid value is
enabled (
true
) or disabled (
false
).
If port security is enabled for the port,
security group rules and anti-spoofing rules are applied to
the traffic on the port. If disabled, no such rules are applied.
|
| project_id | body | string | The ID of the project. |
| revision_number | body | integer | The revision number of the resource. |
| qos_policy_id | body | string | The ID of the QoS policy associated with the port. |
| security_groups | body | array | The IDs of security groups applied to the port. |
| status | body | string |
The port status. Values are
ACTIVE
,
DOWN
,
BUILD
and
ERROR
.
|
| tags | body | array | The list of tags on the resource. |
| tenant_id | body | string | The ID of the project. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| uplink_status_propagation | body | boolean |
The uplink status propagation of the port. Valid values are
enabled (
true
) and disabled (
false
).
|
| mac_learning_enabled (Optional) | body | boolean | A boolean value that indicates if MAC Learning is enabled on the associated port. |
{
"ports "
:
[
{
"admin_state_up "
:
false
,
"allowed_address_pairs "
:
[],
"created_at "
:
"2016-03-08T20:19:41 "
,
"data_plane_status "
:
null
,
"description "
:
""
,
"device_id "
:
""
,
"device_owner "
:
""
,
"dns_domain "
:
""
,
"dns_name "
:
""
,
"extra_dhcp_opts "
:
[
{
"opt_value "
:
"pxelinux.0 "
,
"ip_version "
:
4
,
"opt_name "
:
"bootfile-name "
}
],
"fixed_ips "
:
[
{
"ip_address "
:
"10.0.0.5 "
,
"subnet_id "
:
"a0304c3a-4f08-4c43-88af-d796509c97d2 "
}
],
"id "
:
"94225baa-9d3f-4b93-bf12-b41e7ce49cdb "
,
"ip_allocation "
:
"immediate "
,
"mac_address "
:
"fa:16:3e:48:b8:9f "
,
"name "
:
"sample_port_1 "
,
"network_id "
:
"a87cc70a-3e15-4acf-8205-9b711a3531b7 "
,
"project_id "
:
"d6700c0c9ffa4f1cb322cd4a1f3906fa "
,
"revision_number "
:
1
,
"security_groups "
:
[
"f0ac4394-7e4a-4409-9701-ba8be283dbc3 "
],
"status "
:
"DOWN "
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"d6700c0c9ffa4f1cb322cd4a1f3906fa "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"qos_policy_id "
:
"29d5e02e-d5ab-4929-bee4-4a9fc12e22ae "
,
"port_security_enabled "
:
false
,
"uplink_status_propagation "
:
false
},
{
"admin_state_up "
:
false
,
"allowed_address_pairs "
:
[],
"created_at "
:
"2016-03-08T20:19:41 "
,
"data_plane_status "
:
null
,
"description "
:
""
,
"device_id "
:
""
,
"device_owner "
:
""
,
"dns_assignment "
:
{},
"dns_domain "
:
""
,
"dns_name "
:
""
,
"extra_dhcp_opts "
:
[
{
"opt_value "
:
"pxelinux.0 "
,
"ip_version "
:
4
,
"opt_name "
:
"bootfile-name "
}
],
"fixed_ips "
:
[
{
"ip_address "
:
"10.0.0.6 "
,
"subnet_id "
:
"a0304c3a-4f08-4c43-88af-d796509c97d2 "
}
],
"id "
:
"235b09e0-63c4-47f1-b221-66ba54c21760 "
,
"ip_allocation "
:
"immediate "
,
"mac_address "
:
"fa:16:3e:f4:73:df "
,
"name "
:
"sample_port_2 "
,
"network_id "
:
"a87cc70a-3e15-4acf-8205-9b711a3531b7 "
,
"project_id "
:
"d6700c0c9ffa4f1cb322cd4a1f3906fa "
,
"revision_number "
:
1
,
"security_groups "
:
[
"f0ac4394-7e4a-4409-9701-ba8be283dbc3 "
],
"status "
:
"DOWN "
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"d6700c0c9ffa4f1cb322cd4a1f3906fa "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"qos_policy_id "
:
null
,
"port_security_enabled "
:
false
,
"uplink_status_propagation "
:
false
}
]
}
Lists, shows details for, creates, updates, and deletes segments. The segments API is admin-only.
The
standard-attr-timestamp
extension adds the
created_at
and
updated_at
attributes to all resources that have standard attributes.
Shows details for a segment.
You can control which response parameters are returned by using the fields query parameter. For information, see Filtering and column selection .
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| segment_id | path | string | The UUID of the segment. |
| Name | In | Type | Description |
|---|---|---|---|
| id | body | string | The UUID of the segment. |
| network_id | body | string | The ID of the attached network. |
| physical_network | body | string | The physical network where this network/segment is implemented. |
| network_type | body | string |
The type of physical network that maps to this
network resource. For example,
flat
,
vlan
,
vxlan
, or
gre
.
|
| revision_number | body | integer | The revision number of the resource. |
| segmentation_id | body | integer |
The ID of the isolated segment on the physical network.
The
network_type
attribute defines the segmentation model.
For example, if the
network_type
value is vlan, this ID is a vlan
identifier. If the
network_type
value is gre, this ID is a gre key.
|
| name | body | string | Human-readable name of the resource. |
| description | body | string | A human-readable description for the resource. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
{
"segment "
:
{
"name "
:
null
,
"network_id "
:
"5c0cb560-4089-41dd-be29-469907a23b49 "
,
"segmentation_id "
:
2000
,
"network_type "
:
"vlan "
,
"physical_network "
:
"segment-1 "
,
"revision_number "
:
1
,
"id "
:
"57fe85e4-ca2f-4192-b3cd-d5c249d7a21f "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"description "
:
null
}
}
Updates a segment.
Normal response codes: 200
Error response codes: 400, 401, 403, 404, 412
| Name | In | Type | Description |
|---|---|---|---|
| segment_id | path | string | The UUID of the segment. |
| name (Optional) | body | string | Human-readable name of the segment. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
{
"segment "
:
{
"name "
:
"1 "
,
"description "
:
"Segment One "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| id | body | string | The UUID of the segment. |
| network_id | body | string | The ID of the attached network. |
| physical_network | body | string | The physical network where this network/segment is implemented. |
| network_type | body | string |
The type of physical network that maps to this
network resource. For example,
flat
,
vlan
,
vxlan
, or
gre
.
|
| revision_number | body | integer | The revision number of the resource. |
| segmentation_id | body | integer |
The ID of the isolated segment on the physical network.
The
network_type
attribute defines the segmentation model.
For example, if the
network_type
value is vlan, this ID is a vlan
identifier. If the
network_type
value is gre, this ID is a gre key.
|
| name | body | string | Human-readable name of the resource. |
| description | body | string | A human-readable description for the resource. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
{
"segment "
:
{
"name "
:
"1 "
,
"network_id "
:
"5c0cb560-4089-41dd-be29-469907a23b49 "
,
"segmentation_id "
:
2000
,
"network_type "
:
"vlan "
,
"physical_network "
:
"segment-1 "
,
"revision_number "
:
4
,
"id "
:
"57fe85e4-ca2f-4192-b3cd-d5c249d7a21f "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"description "
:
"Segment One "
}
}
Deletes a segment and its associated resources.
Normal response codes: 204
Error response codes: 401, 404, 409, 412
| Name | In | Type | Description |
|---|---|---|---|
| segment_id | path | string | The UUID of the segment. |
There is no body content for the response of a successful DELETE request.
Lists segments to which the project has access.
Use the
fields
query parameter to filter the response. For
information, see Filtering and Column Selection
.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| network_id (Optional) | query | string | Filter the list result by the ID of the attached network. |
| physical_network (Optional) | query | string | Filter the list result by the physical network where this network/segment is implemented. |
| network_type (Optional) | query | string |
Filter the list result by the type of physical network that this
network/segment is mapped to. For example,
flat
,
vlan
,
vxlan
,
or
gre
. Valid values depend on a networking back-end.
|
| revision_number (Optional) | query | integer | Filter the list result by the revision number of the resource. |
| segmentation_id (Optional) | query | integer | Filter the list result by the ID of the isolated segment on the physical network. |
| name (Optional) | query | string | Filter the list result by the human-readable name of the resource. |
| description (Optional) | query | string | Filter the list result by the human-readable description of the resource. |
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a segment attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| id | body | string | The UUID of the segment. |
| network_id | body | string | The ID of the attached network. |
| physical_network | body | string | The physical network where this network/segment is implemented. |
| network_type | body | string |
The type of physical network that maps to this
network resource. For example,
flat
,
vlan
,
vxlan
, or
gre
.
|
| revision_number | body | integer | The revision number of the resource. |
| segmentation_id | body | integer |
The ID of the isolated segment on the physical network.
The
network_type
attribute defines the segmentation model.
For example, if the
network_type
value is vlan, this ID is a vlan
identifier. If the
network_type
value is gre, this ID is a gre key.
|
| name | body | string | Human-readable name of the resource. |
| description | body | string | A human-readable description for the resource. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
{
"segments "
:
[
{
"name "
:
null
,
"network_id "
:
"5c0cb560-4089-41dd-be29-469907a23b49 "
,
"segmentation_id "
:
2000
,
"network_type "
:
"vlan "
,
"physical_network "
:
"segment-1 "
,
"revision_number "
:
1
,
"id "
:
"57fe85e4-ca2f-4192-b3cd-d5c249d7a21f "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"description "
:
null
},
{
"name "
:
null
,
"network_id "
:
"5c0cb560-4089-41dd-be29-469907a23b49 "
,
"segmentation_id "
:
2000
,
"network_type "
:
"vlan "
,
"physical_network "
:
"segment-2 "
,
"revision_number "
:
3
,
"id "
:
"f1364c3a-4fc1-4206-b2dc-3254bc25cbfc "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"description "
:
null
}
]
}
Creates a segment.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| network_id | body | string | The ID of the attached network. |
| physical_network | body | string | The physical network where this network/segment is implemented. |
| network_type | body | string |
The type of physical network that maps to this
network resource. For example,
flat
,
vlan
,
vxlan
, or
gre
.
|
| segmentation_id | body | integer |
The ID of the isolated segment on the physical network.
The
network_type
attribute defines the segmentation model.
For example, if the
network_type
value is vlan, this ID is a vlan
identifier. If the
network_type
value is gre, this ID is a gre key.
|
| name (Optional) | body | string | Human-readable name of the segment. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
{
"segment "
:
{
"network_id "
:
"5c0cb560-4089-41dd-be29-469907a23b49 "
,
"segmentation_id "
:
2000
,
"network_type "
:
"vlan "
,
"physical_network "
:
"segment-1 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| id | body | string | The UUID of the segment. |
| network_id | body | string | The ID of the attached network. |
| physical_network | body | string | The physical network where this network/segment is implemented. |
| network_type | body | string |
The type of physical network that maps to this
network resource. For example,
flat
,
vlan
,
vxlan
, or
gre
.
|
| revision_number | body | integer | The revision number of the resource. |
| segmentation_id | body | integer |
The ID of the isolated segment on the physical network.
The
network_type
attribute defines the segmentation model.
For example, if the
network_type
value is vlan, this ID is a vlan
identifier. If the
network_type
value is gre, this ID is a gre key.
|
| name | body | string | Human-readable name of the resource. |
| description | body | string | A human-readable description for the resource. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
{
"segment "
:
{
"name "
:
null
,
"network_id "
:
"5c0cb560-4089-41dd-be29-469907a23b49 "
,
"segmentation_id "
:
2000
,
"network_type "
:
"vlan "
,
"physical_network "
:
"segment-1 "
,
"revision_number "
:
1
,
"id "
:
"57fe85e4-ca2f-4192-b3cd-d5c249d7a21f "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"description "
:
null
}
}
The trunk extension can be used to multiplex packets coming from and going to multiple neutron logical networks using a single neutron logical port. A trunk is modeled in neutron as a collection of neutron logical ports. One port, called parent port, must be associated to a trunk and it is the port to be used to connect instances with neutron. A sequence of subports (or sub_ports) each typically belonging to distinct neutron networks, is also associated to a trunk, and each subport may have a segmentation type and ID used to mux/demux the traffic coming in and out of the parent port.
In more details, the extension introduces the following resources:
The
standard-attr-timestamp
extension adds the
created_at
and
updated_at
attributes to all resources that have standard attributes.
The
standard-attr-tag
adds Tag support for resources with
standard attributes by adding the
tags
attribute
allowing consumers to associate tags with resources.
Lists trunks that are accessible to the user who submits the request.
Default policy settings return only those trunks that are owned by the user who submits the request, unless an admin user submits the request.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see the Filtering
section for more details.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| admin_state_up (Optional) | query | boolean |
Filter the trunk list result by the administrative state of the trunk,
which is up (
true
) or down (
false
).
|
| description (Optional) | query | string | Filter the list result by the human-readable description of the resource. |
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| name (Optional) | query | string | Filter the list result by the human-readable name of the resource. |
| port_id (Optional) | query | string | Filter the trunk list result by the ID of the parent port. |
| revision_number (Optional) | query | integer | Filter the list result by the revision number of the resource. |
| status (Optional) | query | string |
Filter the trunk list result by the status for the trunk. Possible values
are
ACTIVE
,
DOWN
,
BUILD
,
DEGRADED
, and
ERROR
.
|
| tenant_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| project_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a trunk attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| tags (Optional) | query | string | A list of tags to filter the list result by. Resources that match all tags in this list will be returned. Tags in query must be separated by comma. |
| tags-any (Optional) | query | string | A list of tags to filter the list result by. Resources that match any tag in this list will be returned. Tags in query must be separated by comma. |
| not-tags (Optional) | query | string | A list of tags to filter the list result by. Resources that match all tags in this list will be excluded. Tags in query must be separated by comma. |
| not-tags-any (Optional) | query | string | A list of tags to filter the list result by. Resources that match any tag in this list will be excluded. Tags in query must be separated by comma. |
| Name | In | Type | Description |
|---|---|---|---|
| admin_state_up (Optional) | body | boolean |
The administrative state of the trunk, which
is up (
true
) or down (
false
).
|
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | The description for the resource. |
| id | body | string | The ID for the resource. |
| name (Optional) | body | string | The name of the resource. |
| port_id | body | string | The ID of the parent port. |
| revision_number | body | integer | The revision number of the resource. |
| status | body | string |
The status for the trunk. Possible values are
ACTIVE
,
DOWN
,
BUILD
,
DEGRADED
, and
ERROR
.
|
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| sub_ports | body | array | A list of ports associated with the trunk. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| tags | body | array | The list of tags on the resource. |
{
"trunks "
:
[
{
"status "
:
"DOWN "
,
"sub_ports "
:
[],
"name "
:
"test "
,
"admin_state_up "
:
true
,
"project_id "
:
"313be01bd0744cea86643c711c57012b "
,
"tenant_id "
:
"313be01bd0744cea86643c711c57012b "
,
"created_at "
:
"2016-10-05T20:11:16Z "
,
"updated_at "
:
"2016-10-05T20:11:16Z "
,
"revision_number "
:
1
,
"port_id "
:
"8027c4da-772f-4e43-bfbf-023b4a4e63de "
,
"id "
:
"ee98bdb4-a817-43af-943f-4318bff98f51 "
,
"description "
:
""
}
]
}
Error codes:
400
The operation returns this error code if the request is malformed,
e.g. there are missing or invalid parameters in the request.
401
The operation is not authorized.
404
If the extension is not available or the port UUID of any of the
specified ports is not found.
409
The operation returns this error code for one of these
reasons:
Normal response codes: 201
Error response codes: 400, 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| port_id | body | string | The ID of the parent port. |
| name (Optional) | body | string | The name of the resource. |
| description | body | string | The description for the resource. |
| admin_state_up (Optional) | body | boolean |
The administrative state of the trunk, which
is up (
true
) or down (
false
).
|
| sub_ports | body | array | A list of ports associated with the trunk. |
{
"trunk "
:
{
"port_id "
:
"8027c4da-772f-4e43-bfbf-023b4a4e63de "
,
"name "
:
"test "
,
"admin_state_up "
:
true
}
}
| Name | In | Type | Description |
|---|---|---|---|
| admin_state_up (Optional) | body | boolean |
The administrative state of the trunk, which
is up (
true
) or down (
false
).
|
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | The description for the resource. |
| id | body | string | The ID for the resource. |
| name (Optional) | body | string | The name of the resource. |
| port_id | body | string | The ID of the parent port. |
| revision_number | body | integer | The revision number of the resource. |
| status | body | string |
The status for the trunk. Possible values are
ACTIVE
,
DOWN
,
BUILD
,
DEGRADED
, and
ERROR
.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| sub_ports | body | array | A list of ports associated with the trunk. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| tags | body | array | The list of tags on the resource. |
{
"trunk "
:
{
"status "
:
"DOWN "
,
"sub_ports "
:
[],
"name "
:
"test "
,
"admin_state_up "
:
true
,
"project_id "
:
"145a14e4a64b49bf98baad8945dbd4f1 "
,
"tenant_id "
:
"145a14e4a64b49bf98baad8945dbd4f1 "
,
"created_at "
:
"2016-10-05T22:31:37Z "
,
"updated_at "
:
"2016-10-05T22:31:37Z "
,
"revision_number "
:
1
,
"port_id "
:
"8027c4da-772f-4e43-bfbf-023b4a4e63de "
,
"id "
:
"114a26b1-d124-4835-bb4f-021d3d886023 "
,
"description "
:
""
}
}
Normal response codes: 200
Error response codes: 400, 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| trunk_id | path | string | The ID of the trunk. |
| segmentation_id (Optional) | body | integer | The segmentation ID for the subport. |
| segmentation_type (Optional) | body | string |
The segmentation type for the subport. Possible values include
vlan
and
inherit
. When
inherit
is specified, a port gets its
segmentation type from the network its connected to.
|
| port_id | body | string | The ID of the subport. |
{
"sub_ports "
:
[
{
"segmentation_id "
:
44
,
"port_id "
:
"4b4c691b-086d-43d2-8a65-5487e9434155 "
,
"segmentation_type "
:
"vlan "
}
]
}
| Name | In | Type | Description |
|---|---|---|---|
| admin_state_up (Optional) | body | boolean |
The administrative state of the trunk, which
is up (
true
) or down (
false
).
|
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | The description for the resource. |
| id | body | string | The ID for the resource. |
| name (Optional) | body | string | The name of the resource. |
| port_id | body | string | The ID of the parent port. |
| revision_number | body | integer | The revision number of the resource. |
| status | body | string |
The status for the trunk. Possible values are
ACTIVE
,
DOWN
,
BUILD
,
DEGRADED
, and
ERROR
.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| sub_ports | body | array | A list of ports associated with the trunk. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| tags | body | array | The list of tags on the resource. |
{
"status "
:
"DOWN "
,
"sub_ports "
:
[
{
"segmentation_type "
:
"vlan "
,
"port_id "
:
"4b4c691b-086d-43d2-8a65-5487e9434155 "
,
"segmentation_id "
:
44
}
],
"name "
:
"test "
,
"admin_state_up "
:
true
,
"project_id "
:
"145a14e4a64b49bf98baad8945dbd4f1 "
,
"tenant_id "
:
"145a14e4a64b49bf98baad8945dbd4f1 "
,
"created_at "
:
"2016-10-05T22:31:37Z "
,
"updated_at "
:
"2016-10-05T22:52:04Z "
,
"revision_number "
:
2
,
"port_id "
:
"8027c4da-772f-4e43-bfbf-023b4a4e63de "
,
"id "
:
"114a26b1-d124-4835-bb4f-021d3d886023 "
,
"description "
:
""
}
Normal response codes: 200
Error response codes: 400, 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| trunk_id | path | string | The ID of the trunk. |
| port_id | body | string | The ID of the port. |
{
"sub_ports "
:
[
{
"port_id "
:
"4b4c691b-086d-43d2-8a65-5487e9434155 "
}
]
}
| Name | In | Type | Description |
|---|---|---|---|
| admin_state_up (Optional) | body | boolean |
The administrative state of the trunk, which
is up (
true
) or down (
false
).
|
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | The description for the resource. |
| id | body | string | The ID for the resource. |
| name (Optional) | body | string | The name of the resource. |
| port_id | body | string | The ID of the parent port. |
| revision_number | body | integer | The revision number of the resource. |
| status | body | string |
The status for the trunk. Possible values are
ACTIVE
,
DOWN
,
BUILD
,
DEGRADED
, and
ERROR
.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| sub_ports | body | array | A list of ports associated with the trunk. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| tags | body | array | The list of tags on the resource. |
{
"status "
:
"DOWN "
,
"sub_ports "
:
[],
"name "
:
"test "
,
"admin_state_up "
:
true
,
"project_id "
:
"145a14e4a64b49bf98baad8945dbd4f1 "
,
"tenant_id "
:
"145a14e4a64b49bf98baad8945dbd4f1 "
,
"created_at "
:
"2016-10-05T22:31:37Z "
,
"updated_at "
:
"2016-10-05T22:57:44Z "
,
"revision_number "
:
3
,
"port_id "
:
"8027c4da-772f-4e43-bfbf-023b4a4e63de "
,
"id "
:
"114a26b1-d124-4835-bb4f-021d3d886023 "
,
"description "
:
""
}
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| trunk_id | path | string | The ID of the trunk. |
| Name | In | Type | Description |
|---|---|---|---|
| port_id | body | string | The ID of the subport. |
| segmentation_type | body | string |
The segmentation type for the subport. Possible values include
vlan
and
inherit
. When
inherit
is specified, a port gets its
segmentation type from the network its connected to.
|
| segmentation_id (Optional) | body | integer | The segmentation ID for the subport. |
| tags | body | array | The list of tags on the resource. |
{
"sub_ports "
:
[
{
"segmentation_type "
:
"vlan "
,
"port_id "
:
"4b4c691b-086d-43d2-8a65-5487e9434155 "
,
"segmentation_id "
:
44
}
]
}
The update request is only for changing fields like name, description or admin_state_up. Setting the admin_state_up to False locks the trunk in that it prevents operations such as as adding/removing subports.
Normal response codes: 200
Error response codes: 400, 401, 404, 409, 412
| Name | In | Type | Description |
|---|---|---|---|
| name_resource (Optional) | body | string | The name of the resource. |
| admin_state_up_trunk | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| description_resource | body | string | The description for the resource. |
| trunk_id | path | string | The ID of the trunk. |
{
"trunk "
:
{
"name "
:
"foo "
,
"admin_state_up "
:
true
}
}
| Name | In | Type | Description |
|---|---|---|---|
| admin_state_up (Optional) | body | boolean |
The administrative state of the trunk, which
is up (
true
) or down (
false
).
|
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | The description for the resource. |
| id | body | string | The ID for the resource. |
| name (Optional) | body | string | The name of the resource. |
| port_id | body | string | The ID of the parent port. |
| revision_number | body | integer | The revision number of the resource. |
| status | body | string |
The status for the trunk. Possible values are
ACTIVE
,
DOWN
,
BUILD
,
DEGRADED
, and
ERROR
.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| sub_ports | body | array | A list of ports associated with the trunk. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| tags | body | array | The list of tags on the resource. |
{
"trunk "
:
{
"status "
:
"DOWN "
,
"sub_ports "
:
[
{
"segmentation_type "
:
"vlan "
,
"port_id "
:
"4b4c691b-086d-43d2-8a65-5487e9434155 "
,
"segmentation_id "
:
44
}
],
"name "
:
"foo "
,
"admin_state_up "
:
true
,
"project_id "
:
"145a14e4a64b49bf98baad8945dbd4f1 "
,
"tenant_id "
:
"145a14e4a64b49bf98baad8945dbd4f1 "
,
"created_at "
:
"2016-10-05T22:31:37Z "
,
"updated_at "
:
"2016-10-05T23:28:17Z "
,
"revision_number "
:
9
,
"port_id "
:
"8027c4da-772f-4e43-bfbf-023b4a4e63de "
,
"id "
:
"114a26b1-d124-4835-bb4f-021d3d886023 "
,
"description "
:
""
}
}
Shows details for a trunk.
Use the
fields
query parameter to control which fields are
returned in the response body. For information, see Filtering and
Column Selection
.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| trunk_id | path | string | The ID of the trunk. |
| Name | In | Type | Description |
|---|---|---|---|
| admin_state_up (Optional) | body | boolean |
The administrative state of the trunk, which
is up (
true
) or down (
false
).
|
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | The description for the resource. |
| id | body | string | The ID for the resource. |
| name (Optional) | body | string | The name of the resource. |
| port_id | body | string | The ID of the parent port. |
| revision_number | body | integer | The revision number of the resource. |
| status | body | string |
The status for the trunk. Possible values are
ACTIVE
,
DOWN
,
BUILD
,
DEGRADED
, and
ERROR
.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| sub_ports | body | array | A list of ports associated with the trunk. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| tags | body | array | The list of tags on the resource. |
{
"trunk "
:
{
"status "
:
"DOWN "
,
"sub_ports "
:
[
{
"segmentation_type "
:
"vlan "
,
"port_id "
:
"4b4c691b-086d-43d2-8a65-5487e9434155 "
,
"segmentation_id "
:
44
}
],
"name "
:
"foo "
,
"admin_state_up "
:
true
,
"project_id "
:
"145a14e4a64b49bf98baad8945dbd4f1 "
,
"tenant_id "
:
"145a14e4a64b49bf98baad8945dbd4f1 "
,
"created_at "
:
"2016-10-05T22:31:37Z "
,
"updated_at "
:
"2016-10-05T23:28:17Z "
,
"revision_number "
:
9
,
"port_id "
:
"8027c4da-772f-4e43-bfbf-023b4a4e63de "
,
"id "
:
"114a26b1-d124-4835-bb4f-021d3d886023 "
,
"description "
:
""
}
}
Deletes a trunk, if its state allows it.
Normal response codes: 204
Error response codes: 401, 404, 409, 412
| Name | In | Type | Description |
|---|---|---|---|
| trunk_id | path | string | The ID of the trunk. |
The trunk_details extension attribute is available when showing a port resource that participates in a trunk as parent. The extension is useful for REST clients that may want to access trunk details when getting the parent port, and it allows them to avoid extra lookups.
Shows details for a port. The details available in the trunk_details attribute contain the trunk ID and the array showing information about the subports that belong to the trunk: the port UUID, the segmentation type, the segmentation ID, and the MAC address.
Normal response codes: 200
| Name | In | Type | Description |
|---|---|---|---|
| port_id | path | string | The ID of the port. |
| Name | In | Type | Description |
|---|---|---|---|
| trunk_details (Optional) | body | dict | The details about the trunk. |
{
"port "
:
{
"status "
:
"DOWN "
,
"created_at "
:
"2016-10-05T20:05:14Z "
,
"description "
:
""
,
"admin_state_up "
:
true
,
"network_id "
:
"1cf9e069-365f-4a78-8784-616bc12c4c5a "
,
"project_id "
:
"313be01bd0744cea86643c711c57012b "
,
"tenant_id "
:
"313be01bd0744cea86643c711c57012b "
,
"extra_dhcp_opts "
:
[],
"updated_at "
:
"2016-10-05T20:05:14Z "
,
"name "
:
"test "
,
"device_owner "
:
""
,
"trunk_details "
:
{
"trunk_id "
:
"8905d084-010c-46e8-a863-f21cb4441ab1 "
,
"sub_ports "
:
[
{
"segmentation_id "
:
33
,
"port_id "
:
"70df9f3e-b409-4761-8304-ce029b2079f5 "
,
"segmentation_type "
:
"vlan "
,
"mac_address "
:
"fa:16:3e:86:9b:dc "
},
{
"segmentation_id "
:
44
,
"port_id "
:
"4b4c691b-086d-43d2-8a65-5487e9434155 "
,
"segmentation_type "
:
"vlan "
,
"mac_address "
:
"fa:16:3e:fe:29:97 "
}
]
},
"revision_number "
:
5
,
"mac_address "
:
"fa:16:3e:5c:e9:a3 "
,
"fixed_ips "
:
[
{
"subnet_id "
:
"76a059c0-b189-479f-882c-5e8bd464ea49 "
,
"ip_address "
:
"40.0.0.3 "
}
],
"id "
:
"8027c4da-772f-4e43-bfbf-023b4a4e63de "
,
"security_groups "
:
[
"da88a249-12ac-4221-9565-c406b6feeb48 "
],
"device_id "
:
""
}
}
Lists, creates, shows details for, updates, and deletes address scopes.
Shows information for an address scope.
Use the
fields
query parameter to control which fields are returned in the response body.
For information, see Filtering and Column Selection
.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| address_scope_id | path | string | The ID of the address scope. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| address_scope | body | object |
An
address
scope
object.
|
| id | body | string | The ID of the address scope. |
| name | body | string | Human-readable name of the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| ip_version | body | integer |
The IP protocol version. Valid value is
4
or
6
. Default is
4
.
|
| shared | body | boolean | Indicates whether this resource is shared across all projects. |
{
"address_scope "
:
{
"name "
:
"address-scope-ip4 "
,
"tenant_id "
:
"a7a7fa10fd7a4c80acb7e4b224480495 "
,
"ip_version "
:
4
,
"shared "
:
true
,
"project_id "
:
"a7a7fa10fd7a4c80acb7e4b224480495 "
,
"id "
:
"4143da3e-d2a7-4077-ba80-215ecfd016d7 "
}
}
Updates an address scope.
Normal response codes: 200
Error response codes: 400, 401, 403, 404, 412
| Name | In | Type | Description |
|---|---|---|---|
| address_scope_id | path | string | The ID of the address scope. |
| address_scope | body | object |
An
address
scope
object.
|
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| shared (Optional) | body | boolean | Indicates whether this resource is shared across all projects. By default, only administrative users can change this value. |
{
"address_scope "
:
{
"name "
:
"address-scope-ip4 "
,
"shared "
:
true
}
}
| Name | In | Type | Description |
|---|---|---|---|
| address_scope | body | object |
An
address
scope
object.
|
| id | body | string | The ID of the address scope. |
| name | body | string | Human-readable name of the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| ip_version | body | integer |
The IP protocol version. Valid value is
4
or
6
. Default is
4
.
|
| shared | body | boolean | Indicates whether this resource is shared across all projects. |
{
"address_scope "
:
{
"name "
:
"address-scope-2 "
,
"tenant_id "
:
"a7a7fa10fd7a4c80acb7e4b224480495 "
,
"ip_version "
:
4
,
"shared "
:
true
,
"project_id "
:
"a7a7fa10fd7a4c80acb7e4b224480495 "
,
"id "
:
"4143da3e-d2a7-4077-ba80-215ecfd016d7 "
}
}
Deletes an address scope.
Normal response codes: 204
Error response codes: 401, 404, 412
| Name | In | Type | Description |
|---|---|---|---|
| address_scope_id | path | string | The ID of the address scope. |
There is no body content for the response of a successful DELETE request.
Lists address scopes that the project has access to.
Default policy settings return only the address scopes owned by the project of the user submitting the request, unless the user has administrative role.
Use the
fields
query parameter to control which fields are returned in the response body.
Additionally, you can filter results by using query string parameters.
For information, see Filtering and Column Selection
.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| name (Optional) | query | string | Filter the list result by the human-readable name of the resource. |
| tenant_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| project_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| ip_version (Optional) | query | integer |
Filter the list result by the IP protocol version.
Valid value is
4
or
6
.
|
| shared (Optional) | query | boolean | Admin-only. Filter the list result based on whether the resource is shared across all projects. |
| sort_key (Optional) | query | string |
Sorts by an address scope attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| address_scopes | body | array |
A list of
address
scope
objects.
|
| id | body | string | The ID of the address scope. |
| name | body | string | Human-readable name of the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| ip_version | body | integer |
The IP protocol version. Valid value is
4
or
6
. Default is
4
.
|
| shared | body | boolean | Indicates whether this resource is shared across all projects. |
{
"address_scopes "
:
[
{
"name "
:
"address-scope-ip6 "
,
"tenant_id "
:
"a7a7fa10fd7a4c80acb7e4b224480495 "
,
"ip_version "
:
6
,
"shared "
:
true
,
"project_id "
:
"a7a7fa10fd7a4c80acb7e4b224480495 "
,
"id "
:
"3b189848-58bb-4499-abc2-8df170a6a8ae "
},
{
"name "
:
"address-scope-2 "
,
"tenant_id "
:
"a7a7fa10fd7a4c80acb7e4b224480495 "
,
"ip_version "
:
4
,
"shared "
:
true
,
"project_id "
:
"a7a7fa10fd7a4c80acb7e4b224480495 "
,
"id "
:
"4143da3e-d2a7-4077-ba80-215ecfd016d7 "
}
]
}
Creates an address scope.
Normal response codes: 201
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| address_scope | body | object |
An
address
scope
object.
|
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| ip_version | body | integer |
The IP protocol version. Valid value is
4
or
6
.
|
| shared (Optional) | body | boolean | Indicates whether this resource is shared across all projects. By default, only administrative users can change this value. |
{
"address_scope "
:
{
"name "
:
"address-scope-2 "
,
"tenant_id "
:
"a7a7fa10fd7a4c80acb7e4b224480495 "
,
"ip_version "
:
4
,
"shared "
:
true
,
"project_id "
:
"a7a7fa10fd7a4c80acb7e4b224480495 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| address_scope | body | object |
An
address
scope
object.
|
| id | body | string | The ID of the address scope. |
| name | body | string | Human-readable name of the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| ip_version | body | integer |
The IP protocol version. Valid value is
4
or
6
. Default is
4
.
|
| shared | body | boolean | Indicates whether this resource is shared across all projects. |
{
"address_scope "
:
{
"name "
:
"address-scope-2 "
,
"tenant_id "
:
"a7a7fa10fd7a4c80acb7e4b224480495 "
,
"ip_version "
:
4
,
"shared "
:
true
,
"project_id "
:
"a7a7fa10fd7a4c80acb7e4b224480495 "
,
"id "
:
"4143da3e-d2a7-4077-ba80-215ecfd016d7 "
}
}
The
dns-integration
extension adds the
dns_name
and
dns_domain
attributes to floating IPs allowing them to be specified at creation time.
The data in these attributes will be published in an external DNS service
when Neutron is configured to integrate with such a service.
The
fip-port-details
extension adds the
port_details
attribute to
floating IPs. The value of this attribute contains information of the
associated port.
The
expose-port-forwarding-in-fip
extension adds the
port_forwardings
attribute to floating IPs. The value of this attribute contains the
information of associated port forwarding resources.
The
standard-attr-timestamp
extension adds the
created_at
and
updated_at
attributes to all resources that have standard attributes.
The
standard-attr-tag
adds Tag support for resources with
standard attributes by adding the
tags
attribute
allowing consumers to associate tags with resources.
Lists floating IPs visible to the user.
Default policy settings return only the floating IPs owned by the user’s project, unless the user has admin role.
This example request lists floating IPs in JSON format:
GET
/
v2
.
0
/
floatingips
Accept
:
application
/
json
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| router_id (Optional) | query | string | Filter the floating IP list result by the ID of the router for the floating IP. |
| status (Optional) | query | string |
Filter the floating IP list result by the status of the floating IP.
Values are
ACTIVE
,
DOWN
and
ERROR
.
|
| tenant_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| project_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| revision_number (Optional) | query | integer | Filter the list result by the revision number of the resource. |
| description (Optional) | query | string | Filter the list result by the human-readable description of the resource. |
| floating_network_id (Optional) | query | string | Filter the floating IP list result by the ID of the network associated with the floating IP. |
| fixed_ip_address (Optional) | query | string | Filter the floating IP list result by the fixed IP address that is associated with the floating IP address. |
| floating_ip_address (Optional) | query | string | Filter the floating IP list result by the floating IP address. |
| port_id (Optional) | query | string | Filter the floating IP list result by the ID of a port associated with the floating IP. |
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a floatingip attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| tags (Optional) | query | string | A list of tags to filter the list result by. Resources that match all tags in this list will be returned. Tags in query must be separated by comma. |
| tags-any (Optional) | query | string | A list of tags to filter the list result by. Resources that match any tag in this list will be returned. Tags in query must be separated by comma. |
| not-tags (Optional) | query | string | A list of tags to filter the list result by. Resources that match all tags in this list will be excluded. Tags in query must be separated by comma. |
| not-tags-any (Optional) | query | string | A list of tags to filter the list result by. Resources that match any tag in this list will be excluded. Tags in query must be separated by comma. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| floatingips | body | array |
A list of
floatingip
objects.
|
| id | body | string | The ID of the floating IP address. |
| router_id | body | string | The ID of the router for the floating IP. |
| status | body | string |
The status of the floating IP. Values are
ACTIVE
,
DOWN
and
ERROR
.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| revision_number | body | integer | The revision number of the resource. |
| description | body | string | A human-readable description for the resource. |
| dns_domain | body | string | A valid DNS domain. |
| dns_name | body | string | A valid DNS name. |
| port_details | body | string |
The information of the port that this floating IP associates with.
In particular, if the floating IP is associated with a port, this field
contains some attributes of the associated port, including
name
,
network_id
,
mac_address
,
admin_state_up
,
status
,
device_id
and
device_owner
. If the floating IP is not associated
with a port, this field is
null
.
|
| floating_network_id | body | string | The ID of the network associated with the floating IP. |
| fixed_ip_address | body | string | The fixed IP address that is associated with the floating IP address. |
| floating_ip_address | body | string | The floating IP address. |
| port_id | body | string | The ID of a port associated with the floating IP. |
| tags | body | array | The list of tags on the resource. |
| port_forwardings | body | array |
The associated port forwarding resources for the floating IP. If the
floating IP has multiple port forwarding resources, this field has
multiple entries. Each entry consists of network IP protocol
(
protocol
), the fixed IP address of internal neutron port
(
internal_ip_address
), the TCP or UDP port used by internal
neutron port (
internal_port
) and the TCP or UDP port used by
floating IP (
external_port
).
|
{
"floatingips "
:
[
{
"router_id "
:
"d23abc8d-2991-4a55-ba98-2aaea84cc72f "
,
"description "
:
"for test "
,
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myfip "
,
"created_at "
:
"2016-12-21T10:55:50Z "
,
"updated_at "
:
"2016-12-21T10:55:53Z "
,
"revision_number "
:
1
,
"project_id "
:
"4969c491a3c74ee4af974e6d800c62de "
,
"tenant_id "
:
"4969c491a3c74ee4af974e6d800c62de "
,
"floating_network_id "
:
"376da547-b977-4cfe-9cba-275c80debf57 "
,
"fixed_ip_address "
:
"10.0.0.3 "
,
"floating_ip_address "
:
"172.24.4.228 "
,
"port_id "
:
"ce705c24-c1ef-408a-bda3-7bbd946164ab "
,
"id "
:
"2f245a7b-796b-4f26-9cf9-9e82d248fda7 "
,
"status "
:
"ACTIVE "
,
"port_details "
:
{
"status "
:
"ACTIVE "
,
"name "
:
""
,
"admin_state_up "
:
true
,
"network_id "
:
"02dd8479-ef26-4398-a102-d19d0a7b3a1f "
,
"device_owner "
:
"compute:nova "
,
"mac_address "
:
"fa:16:3e:b1:3b:30 "
,
"device_id "
:
"8e3941b4-a6e9-499f-a1ac-2a4662025cba "
},
"tags "
:
[
"tag1,tag2 "
],
"port_forwardings "
:
[]
},
{
"router_id "
:
null
,
"description "
:
"for test "
,
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myfip2 "
,
"created_at "
:
"2016-12-21T11:55:50Z "
,
"updated_at "
:
"2016-12-21T11:55:53Z "
,
"revision_number "
:
2
,
"project_id "
:
"4969c491a3c74ee4af974e6d800c62de "
,
"tenant_id "
:
"4969c491a3c74ee4af974e6d800c62de "
,
"floating_network_id "
:
"376da547-b977-4cfe-9cba-275c80debf57 "
,
"fixed_ip_address "
:
null
,
"floating_ip_address "
:
"172.24.4.227 "
,
"port_id "
:
null
,
"id "
:
"61cea855-49cb-4846-997d-801b70c71bdd "
,
"status "
:
"DOWN "
,
"port_details "
:
null
,
"tags "
:
[
"tag1,tag2 "
],
"port_forwardings "
:
[]
},
{
"router_id "
:
"0303bf18-2c52-479c-bd68-e0ad712a1639 "
,
"description "
:
"for test with port forwarding "
,
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myfip3 "
,
"created_at "
:
"2018-06-15T02:12:48Z "
,
"updated_at "
:
"2018-06-15T02:12:57Z "
,
"revision_number "
:
1
,
"project_id "
:
"4969c491a3c74ee4af974e6d800c62de "
,
"tenant_id "
:
"4969c491a3c74ee4af974e6d800c62de "
,
"floating_network_id "
:
"376da547-b977-4cfe-9cba-275c80debf57 "
,
"fixed_ip_address "
:
null
,
"floating_ip_address "
:
"172.24.4.42 "
,
"port_id "
:
null
,
"id "
:
"898b198e-49f7-47d6-a7e1-53f626a548e6 "
,
"status "
:
"ACTIVE "
,
"tags "
:
[],
"port_forwardings "
:
[
{
"protocol "
:
"tcp "
,
"internal_ip_address "
:
"10.0.0.19 "
,
"internal_port "
:
25
,
"external_port "
:
2225
},
{
"protocol "
:
"tcp "
,
"internal_ip_address "
:
"10.0.0.18 "
,
"internal_port "
:
16666
,
"external_port "
:
8786
}
]
}
]
}
Creates a floating IP, and, if you specify port information, associates the floating IP with an internal port.
To associate the floating IP with an internal port, specify the port ID attribute in the request body. If you do not specify a port ID in the request, you can issue a PUT request instead of a POST request.
Default policy settings enable only administrative users to set floating IP addresses and some non-administrative users might require a floating IP address. If you do not specify a floating IP address in the request, the operation automatically allocates one.
By default, this operation associates the floating IP address with
a single fixed IP address that is configured on an OpenStack
Networking port. If a port has multiple IP addresses, you must
specify the
fixed_ip_address
attribute in the request body to
associate a fixed IP address with the floating IP address.
You can create floating IPs on only external networks. When you create a floating IP, you must specify the ID of the network on which you want to create the floating IP. Alternatively, you can create a floating IP on a subnet in the external network, based on the costs and quality of that subnet.
You must configure an IP address with the internal OpenStack Networking port that is associated with the floating IP address.
The operation returns the
Bad
Request
(400)
response code for one of
reasons:
- The network is not external, such as
router:external=False.- The internal OpenStack Networking port is not associated with the floating IP address.
- The requested floating IP address does not fall in the subnet range for the external network.
- The fixed IP address is not valid.
If the port ID is not valid, this operation returns
404
response code.
The operation returns the
Conflict
(409)
response code for one of
reasons:
- The requested floating IP address is already in use.
- The internal OpenStack Networking port and fixed IP address are already associated with another floating IP.
Normal response codes: 201
Error response codes: 400, 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| floatingip | body | object |
A
floatingip
object. When you associate a
floating IP address with a VM, the instance has the same public IP
address each time that it boots, basically to maintain a
consistent IP address for maintaining DNS assignment.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| floating_network_id | body | string | The ID of the network associated with the floating IP. |
| fixed_ip_address (Optional) | body | string |
The fixed IP address that is associated with the floating IP.
If an internal port has multiple associated IP addresses,
the service chooses the first IP address unless you explicitly
define a fixed IP address in the
fixed_ip_address
parameter.
|
| floating_ip_address (Optional) | body | string | The floating IP address. |
| port_id (Optional) | body | string | The ID of a port associated with the floating IP. To associate the floating IP with a fixed IP at creation time, you must specify the identifier of the internal port. |
| subnet_id (Optional) | body | string | The subnet ID on which you want to create the floating IP. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| dns_domain (Optional) | body | string | A valid DNS domain. |
| dns_name (Optional) | body | string | A valid DNS name. |
{
"floatingip "
:
{
"floating_network_id "
:
"376da547-b977-4cfe-9cba-275c80debf57 "
,
"port_id "
:
"ce705c24-c1ef-408a-bda3-7bbd946164ab "
,
"subnet_id "
:
"278d9507-36e7-403c-bb80-1d7093318fe6 "
,
"fixed_ip_address "
:
"10.0.0.3 "
,
"floating_ip_address "
:
"172.24.4.228 "
,
"description "
:
"floating ip for testing "
,
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myfip "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| floatingip | body | object |
A
floatingip
object. When you associate a
floating IP address with a VM, the instance has the same public IP
address each time that it boots, basically to maintain a
consistent IP address for maintaining DNS assignment.
|
| router_id | body | string | The ID of the router for the floating IP. |
| status | body | string |
The status of the floating IP. Values are
ACTIVE
,
DOWN
and
ERROR
.
|
| description | body | string | A human-readable description for the resource. |
| dns_domain | body | string | A valid DNS domain. |
| dns_name | body | string | A valid DNS name. |
| port_details | body | string |
The information of the port that this floating IP associates with.
In particular, if the floating IP is associated with a port, this field
contains some attributes of the associated port, including
name
,
network_id
,
mac_address
,
admin_state_up
,
status
,
device_id
and
device_owner
. If the floating IP is not associated
with a port, this field is
null
.
|
| tenant_id | body | string | The ID of the project. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| revision_number | body | integer | The revision number of the resource. |
| project_id | body | string | The ID of the project. |
| floating_network_id | body | string | The ID of the network associated with the floating IP. |
| fixed_ip_address | body | string | The fixed IP address that is associated with the floating IP address. |
| floating_ip_address | body | string | The floating IP address. |
| port_id | body | string | The ID of a port associated with the floating IP. |
| id | body | string | The ID of the floating IP address. |
| tags | body | array | The list of tags on the resource. |
| port_forwardings | body | array |
The associated port forwarding resources for the floating IP. If the
floating IP has multiple port forwarding resources, this field has
multiple entries. Each entry consists of network IP protocol
(
protocol
), the fixed IP address of internal neutron port
(
internal_ip_address
), the TCP or UDP port used by internal
neutron port (
internal_port
) and the TCP or UDP port used by
floating IP (
external_port
).
|
{
"floatingip "
:
{
"fixed_ip_address "
:
"10.0.0.3 "
,
"floating_ip_address "
:
"172.24.4.228 "
,
"floating_network_id "
:
"376da547-b977-4cfe-9cba-275c80debf57 "
,
"id "
:
"2f245a7b-796b-4f26-9cf9-9e82d248fda7 "
,
"port_id "
:
"ce705c24-c1ef-408a-bda3-7bbd946164ab "
,
"router_id "
:
"d23abc8d-2991-4a55-ba98-2aaea84cc72f "
,
"status "
:
"ACTIVE "
,
"project_id "
:
"4969c491a3c74ee4af974e6d800c62de "
,
"tenant_id "
:
"4969c491a3c74ee4af974e6d800c62de "
,
"description "
:
"floating ip for testing "
,
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myfip "
,
"created_at "
:
"2016-12-21T01:36:04Z "
,
"updated_at "
:
"2016-12-21T01:36:04Z "
,
"revision_number "
:
1
,
"port_details "
:
{
"status "
:
"ACTIVE "
,
"name "
:
""
,
"admin_state_up "
:
true
,
"network_id "
:
"02dd8479-ef26-4398-a102-d19d0a7b3a1f "
,
"device_owner "
:
"compute:nova "
,
"mac_address "
:
"fa:16:3e:b1:3b:30 "
,
"device_id "
:
"8e3941b4-a6e9-499f-a1ac-2a4662025cba "
},
"tags "
:
[
"tag1,tag2 "
],
"port_forwardings "
:
[]
}
}
Shows details for a floating IP.
Use the
fields
query parameter to control which fields are
returned in the response body. For information, see Filtering and
Column Selection
.
This example request shows details for a floating IP in JSON
format. This example also filters the result by the
fixed_ip_address
and
floating_ip_address
fields.
GET /v2.0/floatingips/{floatingip_id}?fields=fixed_ip_address
&fields=floating_ip_address
Accept: application/json
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| floatingip_id | path | string | The ID of the floating IP address. |
| Name | In | Type | Description |
|---|---|---|---|
| floatingip | body | object |
A
floatingip
object. When you associate a
floating IP address with a VM, the instance has the same public IP
address each time that it boots, basically to maintain a
consistent IP address for maintaining DNS assignment.
|
| router_id | body | string | The ID of the router for the floating IP. |
| status | body | string |
The status of the floating IP. Values are
ACTIVE
,
DOWN
and
ERROR
.
|
| description | body | string | A human-readable description for the resource. |
| dns_domain | body | string | A valid DNS domain. |
| dns_name | body | string | A valid DNS name. |
| port_details | body | string |
The information of the port that this floating IP associates with.
In particular, if the floating IP is associated with a port, this field
contains some attributes of the associated port, including
name
,
network_id
,
mac_address
,
admin_state_up
,
status
,
device_id
and
device_owner
. If the floating IP is not associated
with a port, this field is
null
.
|
| tenant_id | body | string | The ID of the project. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| revision_number | body | integer | The revision number of the resource. |
| project_id | body | string | The ID of the project. |
| floating_network_id | body | string | The ID of the network associated with the floating IP. |
| fixed_ip_address | body | string | The fixed IP address that is associated with the floating IP address. |
| floating_ip_address | body | string | The floating IP address. |
| port_id | body | string | The ID of a port associated with the floating IP. |
| id | body | string | The ID of the floating IP address. |
| tags | body | array | The list of tags on the resource. |
| port_forwardings | body | array |
The associated port forwarding resources for the floating IP. If the
floating IP has multiple port forwarding resources, this field has
multiple entries. Each entry consists of network IP protocol
(
protocol
), the fixed IP address of internal neutron port
(
internal_ip_address
), the TCP or UDP port used by internal
neutron port (
internal_port
) and the TCP or UDP port used by
floating IP (
external_port
).
|
{
"floatingip "
:
{
"floating_network_id "
:
"376da547-b977-4cfe-9cba-275c80debf57 "
,
"router_id "
:
"d23abc8d-2991-4a55-ba98-2aaea84cc72f "
,
"fixed_ip_address "
:
"10.0.0.3 "
,
"floating_ip_address "
:
"172.24.4.228 "
,
"project_id "
:
"4969c491a3c74ee4af974e6d800c62de "
,
"tenant_id "
:
"4969c491a3c74ee4af974e6d800c62de "
,
"status "
:
"ACTIVE "
,
"port_id "
:
"ce705c24-c1ef-408a-bda3-7bbd946164ab "
,
"id "
:
"2f245a7b-796b-4f26-9cf9-9e82d248fda7 "
,
"description "
:
"floating ip for testing "
,
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myfip "
,
"created_at "
:
"2016-12-21T01:36:04Z "
,
"updated_at "
:
"2016-12-21T01:36:04Z "
,
"revision_number "
:
1
,
"port_details "
:
{
"status "
:
"ACTIVE "
,
"name "
:
""
,
"admin_state_up "
:
true
,
"network_id "
:
"02dd8479-ef26-4398-a102-d19d0a7b3a1f "
,
"device_owner "
:
"compute:nova "
,
"mac_address "
:
"fa:16:3e:b1:3b:30 "
,
"device_id "
:
"8e3941b4-a6e9-499f-a1ac-2a4662025cba "
},
"tags "
:
[
"tag1,tag2 "
],
"port_forwardings "
:
[]
}
}
Updates a floating IP and its association with an internal port.
The association process is the same as the process for the create floating IP operation.
To disassociate a floating IP from a port, set the
port_id
attribute to null or omit it from the request body.
This example updates a floating IP:
PUT
/
v2
.
0
/
floatingips
/
{
floatingip_id
}
Accept
:
application
/
json
Depending on the request body that you submit, this request associates a port with or disassociates a port from a floating IP.
Normal response codes: 200
Error response codes: 400, 401, 404, 409, 412
| Name | In | Type | Description |
|---|---|---|---|
| floatingip | body | object |
A
floatingip
object. When you associate a
floating IP address with a VM, the instance has the same public IP
address each time that it boots, basically to maintain a
consistent IP address for maintaining DNS assignment.
|
| floatingip_id | path | string | The ID of the floating IP address. |
| port_id | body | string |
The ID of a port associated with the floating IP.
To associate the floating IP with a fixed IP,
you must specify the ID of the internal port.
To disassociate the floating IP,
null
should be specified.
|
| fixed_ip_address (Optional) | body | string |
The fixed IP address that is associated with the floating IP.
If an internal port has multiple associated IP addresses,
the service chooses the first IP address unless you explicitly
define a fixed IP address in the
fixed_ip_address
parameter.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
{
"floatingip "
:
{
"port_id "
:
"fc861431-0e6c-4842-a0ed-e2363f9bc3a8 "
}
}
{
"floatingip "
:
{
"port_id "
:
null
}
}
| Name | In | Type | Description |
|---|---|---|---|
| floatingip | body | object |
A
floatingip
object. When you associate a
floating IP address with a VM, the instance has the same public IP
address each time that it boots, basically to maintain a
consistent IP address for maintaining DNS assignment.
|
| router_id | body | string | The ID of the router for the floating IP. |
| status | body | string |
The status of the floating IP. Values are
ACTIVE
,
DOWN
and
ERROR
.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| floating_network_id | body | string | The ID of the network associated with the floating IP. |
| fixed_ip_address | body | string | The fixed IP address that is associated with the floating IP address. |
| floating_ip_address | body | string | The floating IP address. |
| port_id | body | string | The ID of a port associated with the floating IP. |
| id | body | string | The ID of the floating IP address. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| revision_number | body | integer | The revision number of the resource. |
| description | body | string | A human-readable description for the resource. |
| dns_domain | body | string | A valid DNS domain. |
| dns_name | body | string | A valid DNS name. |
| port_details | body | string |
The information of the port that this floating IP associates with.
In particular, if the floating IP is associated with a port, this field
contains some attributes of the associated port, including
name
,
network_id
,
mac_address
,
admin_state_up
,
status
,
device_id
and
device_owner
. If the floating IP is not associated
with a port, this field is
null
.
|
| tags | body | array | The list of tags on the resource. |
| port_forwardings | body | array |
The associated port forwarding resources for the floating IP. If the
floating IP has multiple port forwarding resources, this field has
multiple entries. Each entry consists of network IP protocol
(
protocol
), the fixed IP address of internal neutron port
(
internal_ip_address
), the TCP or UDP port used by internal
neutron port (
internal_port
) and the TCP or UDP port used by
floating IP (
external_port
).
|
{
"floatingip "
:
{
"created_at "
:
"2016-12-21T10:55:50Z "
,
"description "
:
"floating ip for testing "
,
"dns_domain "
:
"my-domain.org."
,
"dns_name "
:
"myfip "
,
"fixed_ip_address "
:
"10.0.0.4 "
,
"floating_ip_address "
:
"172.24.4.228 "
,
"floating_network_id "
:
"376da547-b977-4cfe-9cba-275c80debf57 "
,
"id "
:
"2f245a7b-796b-4f26-9cf9-9e82d248fda7 "
,
"port_id "
:
"fc861431-0e6c-4842-a0ed-e2363f9bc3a8 "
,
"project_id "
:
"4969c491a3c74ee4af974e6d800c62de "
,
"revision_number "
:
3
,
"router_id "
:
"d23abc8d-2991-4a55-ba98-2aaea84cc72f "
,
"status "
:
"ACTIVE "
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"4969c491a3c74ee4af974e6d800c62de "
,
"updated_at "
:
"2016-12-22T03:13:49Z "
,
"port_details "
:
{
"status "
:
"ACTIVE "
,
"name "
:
""
,
"admin_state_up "
:
true
,
"network_id "
:
"02dd8479-ef26-4398-a102-d19d0a7b3a1f "
,
"device_owner "
:
"compute:nova "
,
"mac_address "
:
"fa:16:3e:b1:3b:30 "
,
"device_id "
:
"8e3941b4-a6e9-499f-a1ac-2a4662025cba "
},
"port_forwardings "
:
[]
}
}
{
"floatingip "
:
{
"floating_network_id "
:
"376da547-b977-4cfe-9cba-275c80debf57 "
,
"router_id "
:
"d23abc8d-2991-4a55-ba98-2aaea84cc72f "
,
"fixed_ip_address "
:
null
,
"floating_ip_address "
:
"172.24.4.228 "
,
"project_id "
:
"4969c491a3c74ee4af974e6d800c62de "
,
"tenant_id "
:
"4969c491a3c74ee4af974e6d800c62de "
,
"status "
:
"ACTIVE "
,
"port_id "
:
null
,
"id "
:
"2f245a7b-796b-4f26-9cf9-9e82d248fda7 "
,
"description "
:
"for test "
,
"created_at "
:
"2016-12-21T10:55:50Z "
,
"updated_at "
:
"2016-12-22T03:13:49Z "
,
"revision_number "
:
3
,
"port_details "
:
null
,
"tags "
:
[
"tag1,tag2 "
],
"port_forwardings "
:
[]
}
}
Deletes a floating IP and, if present, its associated port.
This example deletes a floating IP:
DELETE
/
v2
.
0
/
floatingips
/
{
floatingip_id
}
Accept
:
application
/
json
Normal response codes: 204
Error response codes: 401, 404, 412
| Name | In | Type | Description |
|---|---|---|---|
| floatingip_id | path | string | The ID of the floating IP address. |
There is no body content for the response of a successful DELETE request.
Lists floating IP pools.
Lists floating IP pools visible to the user.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| floatingip_pools | body | array |
A list of
floatingip_pools
objects.
|
| subnet_id | body | string | The ID of the subnet. |
| network_id | body | string | The ID of the network to which the subnet belongs. |
| subnet_name | body | string | Human-readable name of the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| cidr | body | string | The CIDR of the subnet. |
{
"floatingip_pools "
:
[
{
"subnet_id "
:
"cdec285c-b157-48aa-900c-e77f6bd958e5 "
,
"tenant_id "
:
"26a7980765d0414dbc1fc1f88cdb7e6e "
,
"network_id "
:
"db193ab3-96e3-4cb3-8fc5-05f4296d0324 "
,
"subnet_name "
:
"public-subnet "
,
"cidr "
:
"192.0.0.0/8 "
,
"project_id "
:
"26a7980765d0414dbc1fc1f88cdb7e6e "
}
]
}
Lists, creates, shows details for, updates, and deletes floating IPs port forwardings.
Shows information for a floating IP port forwarding.
Use the
fields
query parameter to control which fields are returned in the response body.
For information, see Filtering and Column Selection
.
Normal response codes: 200
Error response codes: 400, 404
| Name | In | Type | Description |
|---|---|---|---|
| floatingip_id | path | string | The ID of the floating IP address. |
| port_forwarding_id | path | string | The ID of the floating IP port forwarding. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| port_forwarding | body | object |
A
floating
IP
port
forwarding
object.
|
| id | body | string | The ID of the floating IP port forwarding. |
| internal_port_id | body | string | The ID of the Neutron port associated to the floating IP port forwarding. |
| internal_ip_address | body | string | The fixed IPv4 address of the Neutron port associated to the floating IP port forwarding. |
| internal_port | body | integer | The TCP/UDP/other protocol port number of the Neutron port fixed IP address associated to the floating ip port forwarding. |
| external_port | body | integer | The TCP/UDP/other protocol port number of the port forwarding’s floating IP address. |
| protocol | body | string | The IP protocol used in the floating IP port forwarding. |
{
"port_forwarding "
:
{
"protocol "
:
"tcp "
,
"internal_ip_address "
:
"10.0.0.11 "
,
"internal_port "
:
25
,
"internal_port_id "
:
"1238be08-a2a8-4b8d-addf-fb5e2250e480 "
,
"external_port "
:
2230
,
"id "
:
"725ade3c-9760-4880-8080-8fc2dbab9acc "
}
}
Updates a floating IP port forwarding.
Normal response codes: 200
Error response codes: 400, 404
| Name | In | Type | Description |
|---|---|---|---|
| floatingip_id | path | string | The ID of the floating IP address. |
| port_forwarding_id | path | string | The ID of the floating IP port forwarding. |
| port_forwarding | body | object |
A
floating
IP
port
forwarding
object.
|
| internal_port_id (Optional) | body | string | The ID of the Neutron port associated to the floating IP port forwarding. |
| internal_ip_address (Optional) | body | string | The fixed IPv4 address of the Neutron port associated to the floating IP port forwarding. If it is not specified, the first IPv4 address found by the port forwardings plug-in will be used. |
| internal_port (Optional) | body | integer | The TCP/UDP/other protocol port number of the Neutron port fixed IP address associated to the floating ip port forwarding. |
| external_port (Optional) | body | integer | The TCP/UDP/other protocol port number of the port forwarding’s floating IP address. |
| protocol (Optional) | body | string | The IP protocol used in the floating IP port forwarding. |
{
"port_forwarding "
:
{
"protocol "
:
"udp "
,
"internal_port "
:
37
,
"internal_port_id "
:
"99889dc2-19a7-4edb-b9d0-d2ace8d1e144 "
,
"external_port "
:
1960
}
}
| Name | In | Type | Description |
|---|---|---|---|
| port_forwarding | body | object |
A
floating
IP
port
forwarding
object.
|
| id | body | string | The ID of the floating IP port forwarding. |
| internal_port_id | body | string | The ID of the Neutron port associated to the floating IP port forwarding. |
| internal_ip_address | body | string | The fixed IPv4 address of the Neutron port associated to the floating IP port forwarding. |
| internal_port | body | integer | The TCP/UDP/other protocol port number of the Neutron port fixed IP address associated to the floating ip port forwarding. |
| external_port | body | integer | The TCP/UDP/other protocol port number of the port forwarding’s floating IP address. |
| protocol | body | string | The IP protocol used in the floating IP port forwarding. |
{
"port_forwarding "
:
{
"protocol "
:
"udp "
,
"internal_ip_address "
:
"10.0.0.14 "
,
"internal_port "
:
37
,
"internal_port_id "
:
"99889dc2-19a7-4edb-b9d0-d2ace8d1e144 "
,
"external_port "
:
1960
,
"id "
:
"725ade3c-9760-4880-8080-8fc2dbab9acc "
}
}
Deletes a floating IP port forwarding.
Normal response codes: 204
Error response codes: 404
| Name | In | Type | Description |
|---|---|---|---|
| floatingip_id | path | string | The ID of the floating IP address. |
| port_forwarding_id | path | string | The ID of the floating IP port forwarding. |
There is no body content for the response of a successful DELETE request.
Lists floating IP port forwardings that the project has access to.
Default policy settings return only the port forwardings associated to floating IPs owned by the project of the user submitting the request, unless the user has administrative role.
Use the
fields
query parameter to control which fields are returned in the response body.
Additionally, you can filter results by using query string parameters.
For information, see Filtering and Column Selection
.
Normal response codes: 200
Error response codes: 400, 404
| Name | In | Type | Description |
|---|---|---|---|
| floatingip_id | path | string | The ID of the floating IP address. |
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| internal_port_id (Optional) | query | string | Filter the list result by the ID of the internal Neutron port. |
| external_port (Optional) | query | integer | Filter the list result by the TCP/UDP/other protocol port number of the floating IP. |
| protocol (Optional) | query | string | Filter the list result by the used protocol. |
| sort_key (Optional) | query | string |
Sorts by a floating IP port forwarding attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| port_forwardings | body | array |
A list of
floating
IP
port
forwardings
objects.
|
| id | body | string | The ID of the floating IP port forwarding. |
| internal_port_id | body | string | The ID of the Neutron port associated to the floating IP port forwarding. |
| internal_ip_address | body | string | The fixed IPv4 address of the Neutron port associated to the floating IP port forwarding. |
| internal_port | body | integer | The TCP/UDP/other protocol port number of the Neutron port fixed IP address associated to the floating ip port forwarding. |
| external_port | body | integer | The TCP/UDP/other protocol port number of the port forwarding’s floating IP address. |
| protocol | body | string | The IP protocol used in the floating IP port forwarding. |
{
"port_forwardings "
:
[
{
"protocol "
:
"tcp "
,
"internal_ip_address "
:
"10.0.0.24 "
,
"internal_port "
:
25
,
"internal_port_id "
:
"070ef0b2-0175-4299-be5c-01fea8cca522 "
,
"external_port "
:
2229
,
"id "
:
"1798dc82-c0ed-4b79-b12d-4c3c18f90eb2 "
},
{
"protocol "
:
"tcp "
,
"internal_ip_address "
:
"10.0.0.11 "
,
"internal_port "
:
25
,
"internal_port_id "
:
"1238be08-a2a8-4b8d-addf-fb5e2250e480 "
,
"external_port "
:
2230
,
"id "
:
"e0a0274e-4d19-4eab-9e12-9e77a8caf3ea "
}
]
}
Creates a floating IP port forwarding.
Normal response codes: 201
Error response codes: 400, 404
| Name | In | Type | Description |
|---|---|---|---|
| floatingip_id | path | string | The ID of the floating IP address. |
| port_forwarding | body | object |
A
floating
IP
port
forwarding
object.
|
| internal_port_id | body | string | The ID of the Neutron port associated to the floating IP port forwarding. |
| internal_ip_address (Optional) | body | string | The fixed IPv4 address of the Neutron port associated to the floating IP port forwarding. If it is not specified, the first IPv4 address found by the port forwardings plug-in will be used. |
| internal_port | body | integer | The TCP/UDP/other protocol port number of the Neutron port fixed IP address associated to the floating ip port forwarding. |
| external_port | body | integer | The TCP/UDP/other protocol port number of the port forwarding’s floating IP address. |
| protocol | body | string | The IP protocol used in the floating IP port forwarding. |
{
"port_forwarding "
:
{
"protocol "
:
"tcp "
,
"internal_ip_address "
:
"10.0.0.11 "
,
"internal_port "
:
25
,
"internal_port_id "
:
"1238be08-a2a8-4b8d-addf-fb5e2250e480 "
,
"external_port "
:
2230
}
}
| Name | In | Type | Description |
|---|---|---|---|
| port_forwarding | body | object |
A
floating
IP
port
forwarding
object.
|
| id | body | string | The ID of the floating IP port forwarding. |
| internal_port_id | body | string | The ID of the Neutron port associated to the floating IP port forwarding. |
| internal_ip_address | body | string | The fixed IPv4 address of the Neutron port associated to the floating IP port forwarding. |
| internal_port | body | integer | The TCP/UDP/other protocol port number of the Neutron port fixed IP address associated to the floating ip port forwarding. |
| external_port | body | integer | The TCP/UDP/other protocol port number of the port forwarding’s floating IP address. |
| protocol | body | string | The IP protocol used in the floating IP port forwarding. |
{
"port_forwarding "
:
{
"protocol "
:
"tcp "
,
"internal_ip_address "
:
"10.0.0.11 "
,
"internal_port "
:
25
,
"internal_port_id "
:
"1238be08-a2a8-4b8d-addf-fb5e2250e480 "
,
"external_port "
:
2230
,
"id "
:
"725ade3c-9760-4880-8080-8fc2dbab9acc "
}
}
A
router
is a logical entity for forwarding packets across
internal subnets and NATting them on external networks through an
appropriate external gateway.
This resource is provided when
router
extension is enabled.
The
dvr
extension enables the functionality of configuring a router as a
distributed virtual router, adding
distributed
parameter.
The extra route extension (
extraroute
) extends
router
resources adding
a
routes
attribute that contains an array of route objects. Each route
object has a
destination
and
nexthop
attribute representing the route.
l3-ha
)¶
The L3 HA extension
l3-ha
, adds the
ha
attribute which enables
HA capability to routers when set to
true
.
ext-gw-mode
)¶
The
ext-gw-mode
extension of the router abstraction for specifying whether
SNAT should occur on the external gateway.
The
ext-gw-mode
extension allows enabling configurable external gateway
modes, adds the
external_gateway_info
attribute to
routers
and allows definitions for
network_id
,
enable_snat
and
external_fixed_ips
.
l3-flavors
)¶
The router flavor extension (
l3-flavors
) adds the
flavor_id
attribute
to routers, allowing requests to be dispatched to different drivers depending
on the flavor associated with a given router.
The
standard-attr-timestamp
extension adds the
created_at
and
updated_at
attributes to all resources that have standard attributes.
The
router_availability_zone
extension adds the
availability_zones
and
availability_zone_hints
attributes to
routers
, allowing scheduling
based on availability zones and hints.
This extension requires
router
and
availability_zone
extensions.
router-service-type
)¶
The
router-service-type
extension enables associating a service type with a
router by introducing the
service_type_id
parameter that can be
used to associate the router with an existing
service-provider
,
see Service providers
.
The
standard-attr-tag
adds Tag support for resources with
standard attributes by adding the
tags
attribute
allowing consumers to associate tags with resources.
Lists logical routers that the project who submits the request can access.
Default policy settings return only those routers that the project who submits the request owns, unless an administrative user submits the request.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| tenant_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| project_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| name (Optional) | query | string | Filter the list result by the human-readable name of the resource. |
| description (Optional) | query | string | Filter the list result by the human-readable description of the resource. |
| admin_state_up (Optional) | query | boolean |
Filter the list result by the administrative state of the resource,
which is up (
true
) or down (
false
).
|
| revision_number (Optional) | query | integer | Filter the list result by the revision number of the resource. |
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a router attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| tags (Optional) | query | string | A list of tags to filter the list result by. Resources that match all tags in this list will be returned. Tags in query must be separated by comma. |
| tags-any (Optional) | query | string | A list of tags to filter the list result by. Resources that match any tag in this list will be returned. Tags in query must be separated by comma. |
| not-tags (Optional) | query | string | A list of tags to filter the list result by. Resources that match all tags in this list will be excluded. Tags in query must be separated by comma. |
| not-tags-any (Optional) | query | string | A list of tags to filter the list result by. Resources that match any tag in this list will be excluded. Tags in query must be separated by comma. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| routers | body | array |
A list of
router
objects.
|
| id | body | string | The ID of the router. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| name | body | string | Human-readable name of the resource. |
| description | body | string | A human-readable description for the resource. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| status | body | string | The router status. |
| external_gateway_info | body | object |
The external gateway information of the router.
If the router has an external gateway, this would be a dict with
network_id
,
enable_snat
and
external_fixed_ips
.
Otherwise, this would be
null
.
|
| revision_number | body | integer | The revision number of the resource. |
| routes | body | array |
The extra routes configuration for L3 router.
A list of dictionaries with
destination
and
nexthop
parameters.
It is available when
extraroute
extension is enabled.
|
| destination | body | string | The destination CIDR. |
| nexthop | body | string | The IP address of the next hop for the corresponding destination. The next hop IP address must be a part of one of the subnets to which the router interfaces are connected. |
| distributed | body | boolean |
true
indicates a distributed router.
It is available when
dvr
extension is enabled.
|
| ha | body | boolean |
true
indicates a highly-available router.
It is available when
l3-ha
extension is enabled.
|
| availability_zone_hints | body | array |
The availability zone candidates for the router.
It is available when
router_availability_zone
extension is enabled.
|
| availability_zones | body | array |
The availability zone(s) for the router.
It is available when
router_availability_zone
extension is enabled.
|
| service_type_id | body | string | The ID of the service type associated with the router. |
| flavor_id | body | string | The ID of the flavor associated with the router. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| tags | body | array | The list of tags on the resource. |
{
"routers "
:
[
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2018-03-19T19:17:04Z "
,
"description "
:
""
,
"distributed "
:
false
,
"external_gateway_info "
:
{
"enable_snat "
:
true
,
"external_fixed_ips "
:
[
{
"ip_address "
:
"172.24.4.3 "
,
"subnet_id "
:
"b930d7f6-ceb7-40a0-8b81-a425dd994ccf "
},
{
"ip_address "
:
"2001:db8::c "
,
"subnet_id "
:
"0c56df5d-ace5-46c8-8f4c-45fa4e334d18 "
}
],
"network_id "
:
"ae34051f-aa6c-4c75-abf5-50dc9ac99ef3 "
},
"flavor_id "
:
"f7b14d9a-b0dc-4fbe-bb14-a0f4970a69e0 "
,
"ha "
:
false
,
"id "
:
"915a14a6-867b-4af7-83d1-70efceb146f9 "
,
"name "
:
"router2 "
,
"revision_number "
:
1
,
"routes "
:
[
{
"destination "
:
"179.24.1.0/24 "
,
"nexthop "
:
"172.24.3.99 "
}
],
"status "
:
"ACTIVE "
,
"updated_at "
:
"2018-03-19T19:17:22Z "
,
"project_id "
:
"0bd18306d801447bb457a46252d82d13 "
,
"tenant_id "
:
"0bd18306d801447bb457a46252d82d13 "
,
"service_type_id "
:
null
,
"tags "
:
[
"tag1,tag2 "
]
},
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2018-03-19T19:17:04Z "
,
"description "
:
""
,
"distributed "
:
false
,
"external_gateway_info "
:
{
"enable_snat "
:
true
,
"external_fixed_ips "
:
[
{
"ip_address "
:
"172.24.4.6 "
,
"subnet_id "
:
"b930d7f6-ceb7-40a0-8b81-a425dd994ccf "
},
{
"ip_address "
:
"2001:db8::9 "
,
"subnet_id "
:
"0c56df5d-ace5-46c8-8f4c-45fa4e334d18 "
}
],
"network_id "
:
"ae34051f-aa6c-4c75-abf5-50dc9ac99ef3 "
},
"flavor_id "
:
"f7b14d9a-b0dc-4fbe-bb14-a0f4970a69e0 "
,
"ha "
:
false
,
"id "
:
"f8a44de0-fc8e-45df-93c7-f79bf3b01c95 "
,
"name "
:
"router1 "
,
"revision_number "
:
1
,
"routes "
:
[],
"status "
:
"ACTIVE "
,
"updated_at "
:
"2018-03-19T19:17:22Z "
,
"project_id "
:
"0bd18306d801447bb457a46252d82d13 "
,
"tenant_id "
:
"0bd18306d801447bb457a46252d82d13 "
,
"service_type_id "
:
null
,
"tags "
:
[
"tag1,tag2 "
]
}
]
}
Creates a logical router.
This operation creates a logical router. The logical router does
not have any internal interface and it is not associated with any
subnet. You can optionally specify an external gateway for a router
at create time. The external gateway for the router must be plugged
into an external network. An external network has its
router:external
extended field set to
true
. To specify an
external gateway, the ID of the external network must be passed
in the
network_id
parameter of the
external_gateway_info
attribute in the request body.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| router | body | object |
A
router
object.
|
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| admin_state_up (Optional) | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
Default is
true
.
|
| external_gateway_info (Optional) | body | object |
The external gateway information of the router.
If the router has an external gateway, this would be a dict with
network_id
,
enable_snat
and
external_fixed_ips
.
Otherwise, this would be
null
.
|
| distributed (Optional) | body | boolean |
true
indicates a distributed router.
It is available when
dvr
extension is enabled.
|
| ha (Optional) | body | boolean |
true
indicates a highly-available router.
It is available when
l3-ha
extension is enabled.
|
| availability_zone_hints (Optional) | body | array |
The availability zone candidates for the router.
It is available when
router_availability_zone
extension is enabled.
|
| service_type_id (Optional) | body | string | The ID of the service type associated with the router. |
| flavor_id (Optional) | body | string | The ID of the flavor associated with the router. |
{
"router "
:
{
"name "
:
"router1 "
,
"external_gateway_info "
:
{
"network_id "
:
"ae34051f-aa6c-4c75-abf5-50dc9ac99ef3 "
,
"enable_snat "
:
true
,
"external_fixed_ips "
:
[
{
"ip_address "
:
"172.24.4.6 "
,
"subnet_id "
:
"b930d7f6-ceb7-40a0-8b81-a425dd994ccf "
}
]
},
"admin_state_up "
:
true
}
}
| Name | In | Type | Description |
|---|---|---|---|
| router | body | object |
A
router
object.
|
| id | body | string | The ID of the router. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| name | body | string | Human-readable name of the resource. |
| description | body | string | A human-readable description for the resource. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| status | body | string | The router status. |
| external_gateway_info | body | object |
The external gateway information of the router.
If the router has an external gateway, this would be a dict with
network_id
,
enable_snat
and
external_fixed_ips
.
Otherwise, this would be
null
.
|
| revision_number | body | integer | The revision number of the resource. |
| routes | body | array |
The extra routes configuration for L3 router.
A list of dictionaries with
destination
and
nexthop
parameters.
It is available when
extraroute
extension is enabled.
|
| destination | body | string | The destination CIDR. |
| nexthop | body | string | The IP address of the next hop for the corresponding destination. The next hop IP address must be a part of one of the subnets to which the router interfaces are connected. |
| distributed | body | boolean |
true
indicates a distributed router.
It is available when
dvr
extension is enabled.
|
| ha | body | boolean |
true
indicates a highly-available router.
It is available when
l3-ha
extension is enabled.
|
| availability_zone_hints | body | array |
The availability zone candidates for the router.
It is available when
router_availability_zone
extension is enabled.
|
| availability_zones | body | array |
The availability zone(s) for the router.
It is available when
router_availability_zone
extension is enabled.
|
| service_type_id | body | string | The ID of the service type associated with the router. |
| flavor_id | body | string | The ID of the flavor associated with the router. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| tags | body | array | The list of tags on the resource. |
{
"router "
:
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2018-03-19T19:17:04Z "
,
"description "
:
""
,
"distributed "
:
false
,
"external_gateway_info "
:
{
"enable_snat "
:
true
,
"external_fixed_ips "
:
[
{
"ip_address "
:
"172.24.4.6 "
,
"subnet_id "
:
"b930d7f6-ceb7-40a0-8b81-a425dd994ccf "
}
],
"network_id "
:
"ae34051f-aa6c-4c75-abf5-50dc9ac99ef3 "
},
"flavor_id "
:
"f7b14d9a-b0dc-4fbe-bb14-a0f4970a69e0 "
,
"ha "
:
false
,
"id "
:
"f8a44de0-fc8e-45df-93c7-f79bf3b01c95 "
,
"name "
:
"router1 "
,
"routes "
:
[],
"revision_number "
:
1
,
"status "
:
"ACTIVE "
,
"updated_at "
:
"2018-03-19T19:17:22Z "
,
"project_id "
:
"0bd18306d801447bb457a46252d82d13 "
,
"tenant_id "
:
"0bd18306d801447bb457a46252d82d13 "
,
"service_type_id "
:
null
,
"tags "
:
[
"tag1,tag2 "
]
}
}
Shows details for a router.
Use the
fields
query parameter to control which fields are
returned in the response body. For information, see Filtering and
Column Selection
.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| router_id | path | string | The ID of the router. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| router | body | object |
A
router
object.
|
| id | body | string | The ID of the router. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| name | body | string | Human-readable name of the resource. |
| description | body | string | A human-readable description for the resource. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| status | body | string | The router status. |
| external_gateway_info | body | object |
The external gateway information of the router.
If the router has an external gateway, this would be a dict with
network_id
,
enable_snat
and
external_fixed_ips
.
Otherwise, this would be
null
.
|
| revision_number | body | integer | The revision number of the resource. |
| routes | body | array |
The extra routes configuration for L3 router.
A list of dictionaries with
destination
and
nexthop
parameters.
It is available when
extraroute
extension is enabled.
|
| destination | body | string | The destination CIDR. |
| nexthop | body | string | The IP address of the next hop for the corresponding destination. The next hop IP address must be a part of one of the subnets to which the router interfaces are connected. |
| distributed | body | boolean |
true
indicates a distributed router.
It is available when
dvr
extension is enabled.
|
| ha | body | boolean |
true
indicates a highly-available router.
It is available when
l3-ha
extension is enabled.
|
| availability_zone_hints | body | array |
The availability zone candidates for the router.
It is available when
router_availability_zone
extension is enabled.
|
| availability_zones | body | array |
The availability zone(s) for the router.
It is available when
router_availability_zone
extension is enabled.
|
| service_type_id | body | string | The ID of the service type associated with the router. |
| flavor_id | body | string | The ID of the flavor associated with the router. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| tags | body | array | The list of tags on the resource. |
{
"router "
:
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2018-03-19T19:17:04Z "
,
"description "
:
""
,
"distributed "
:
false
,
"external_gateway_info "
:
{
"enable_snat "
:
true
,
"external_fixed_ips "
:
[
{
"ip_address "
:
"172.24.4.6 "
,
"subnet_id "
:
"b930d7f6-ceb7-40a0-8b81-a425dd994ccf "
},
{
"ip_address "
:
"2001:db8::9 "
,
"subnet_id "
:
"0c56df5d-ace5-46c8-8f4c-45fa4e334d18 "
}
],
"network_id "
:
"ae34051f-aa6c-4c75-abf5-50dc9ac99ef3 "
},
"flavor_id "
:
"f7b14d9a-b0dc-4fbe-bb14-a0f4970a69e0 "
,
"ha "
:
false
,
"id "
:
"f8a44de0-fc8e-45df-93c7-f79bf3b01c95 "
,
"name "
:
"router1 "
,
"revision_number "
:
1
,
"routes "
:
[
{
"destination "
:
"179.24.1.0/24 "
,
"nexthop "
:
"172.24.3.99 "
}
],
"status "
:
"ACTIVE "
,
"updated_at "
:
"2018-03-19T19:17:22Z "
,
"project_id "
:
"0bd18306d801447bb457a46252d82d13 "
,
"tenant_id "
:
"0bd18306d801447bb457a46252d82d13 "
,
"service_type_id "
:
null
,
"tags "
:
[
"tag1,tag2 "
]
}
}
Updates a logical router.
This operation does not enable the update of router interfaces. To update a router interface, use the add router interface and remove router interface operations.
Normal response codes: 200
Error response codes: 400, 401, 404, 412
| Name | In | Type | Description |
|---|---|---|---|
| router | body | object |
A
router
object.
|
| external_gateway_info (Optional) | body | object |
The external gateway information of the router.
If the router has an external gateway, this would be a dict with
network_id
,
enable_snat
and
external_fixed_ips
.
Otherwise, this would be
null
.
|
| ha (Optional) | body | boolean |
true
indicates a highly-available router.
It is available when
l3-ha
extension is enabled.
|
| name | body | string | Human-readable name of the resource. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| router_id | path | string | The ID of the router. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| routes (Optional) | body | array |
The extra routes configuration for L3 router.
A list of dictionaries with
destination
and
nexthop
parameters.
It is available when
extraroute
extension is enabled.
Default is an empty list (
[]
).
|
| distributed (Optional) | body | boolean |
true
indicates a distributed router.
It is available when
dvr
extension is enabled.
|
{
"router "
:
{
"distributed "
:
false
,
"external_gateway_info "
:
{
"network_id "
:
"ae34051f-aa6c-4c75-abf5-50dc9ac99ef3 "
,
"enable_snat "
:
true
,
"external_fixed_ips "
:
[
{
"ip_address "
:
"172.24.4.6 "
,
"subnet_id "
:
"b930d7f6-ceb7-40a0-8b81-a425dd994ccf "
}
],
"routes "
:
[
{
"destination "
:
"179.24.1.0/24 "
,
"nexthop "
:
"172.24.3.99 "
}
]
}
}
}
| Name | In | Type | Description |
|---|---|---|---|
| router | body | object |
A
router
object.
|
| id | body | string | The ID of the router. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| name | body | string | Human-readable name of the resource. |
| description | body | string | A human-readable description for the resource. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| status | body | string | The router status. |
| external_gateway_info | body | object |
The external gateway information of the router.
If the router has an external gateway, this would be a dict with
network_id
,
enable_snat
and
external_fixed_ips
.
Otherwise, this would be
null
.
|
| revision_number | body | integer | The revision number of the resource. |
| routes | body | array |
The extra routes configuration for L3 router.
A list of dictionaries with
destination
and
nexthop
parameters.
It is available when
extraroute
extension is enabled.
|
| destination | body | string | The destination CIDR. |
| nexthop | body | string | The IP address of the next hop for the corresponding destination. The next hop IP address must be a part of one of the subnets to which the router interfaces are connected. |
| distributed | body | boolean |
true
indicates a distributed router.
It is available when
dvr
extension is enabled.
|
| ha | body | boolean |
true
indicates a highly-available router.
It is available when
l3-ha
extension is enabled.
|
| availability_zone_hints | body | array |
The availability zone candidates for the router.
It is available when
router_availability_zone
extension is enabled.
|
| availability_zones | body | array |
The availability zone(s) for the router.
It is available when
router_availability_zone
extension is enabled.
|
| service_type_id | body | string | The ID of the service type associated with the router. |
| flavor_id | body | string | The ID of the flavor associated with the router. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| tags | body | array | The list of tags on the resource. |
{
"router "
:
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2018-03-19T19:17:04Z "
,
"description "
:
""
,
"distributed "
:
false
,
"external_gateway_info "
:
{
"enable_snat "
:
true
,
"external_fixed_ips "
:
[
{
"ip_address "
:
"172.24.4.6 "
,
"subnet_id "
:
"b930d7f6-ceb7-40a0-8b81-a425dd994ccf "
}
],
"network_id "
:
"ae34051f-aa6c-4c75-abf5-50dc9ac99ef3 "
},
"flavor_id "
:
"f7b14d9a-b0dc-4fbe-bb14-a0f4970a69e0 "
,
"ha "
:
false
,
"id "
:
"f8a44de0-fc8e-45df-93c7-f79bf3b01c95 "
,
"name "
:
"router1 "
,
"revision_number "
:
3
,
"routes "
:
[
{
"destination "
:
"179.24.1.0/24 "
,
"nexthop "
:
"172.24.3.99 "
}
],
"status "
:
"ACTIVE "
,
"updated_at "
:
"2018-03-19T19:17:22Z "
,
"project_id "
:
"0bd18306d801447bb457a46252d82d13 "
,
"tenant_id "
:
"0bd18306d801447bb457a46252d82d13 "
,
"service_type_id "
:
null
,
"tags "
:
[
"tag1,tag2 "
]
}
}
Deletes a logical router and, if present, its external gateway interface.
This operation fails if the router has attached interfaces. Use the remove router interface operation to remove all router interfaces before you delete the router.
Normal response codes: 204
Error response codes: 401, 404, 409, 412
| Name | In | Type | Description |
|---|---|---|---|
| router_id | path | string | The ID of the router. |
There is no body content for the response of a successful DELETE request.
Adds an internal interface to a logical router. This means a specified subnet is attached to a router as an internal router interface.
Specify the ID of a subnet or port in the request body:
When you specify an IPv6 subnet, this operation adds the subnet to an existing internal port with same network ID, on the router. If a port with the same network ID does not exist, this operation creates a port on the router for that subnet.
The limitation of one IPv4 subnet per router port remains, though a port can contain any number of IPv6 subnets that belong to the same network ID.
When you use the
port-create
command to add a port and then
call
router-interface-add
with this port ID, this operation
adds the port to the router if the following conditions are met:
If you specify both subnet ID and port ID,
this operation returns the
Bad
Request
(400)
response code.
If the port is already in use, this operation returns the
Conflict
(409)
response code.
This operation returns a port ID that is either:
After you run this operation, the operation sets:
device_id
attribute of this port to the router ID
device_owner
attribute to
network:router_interface
Normal response codes: 200
Error response codes: 400, 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| router_id | path | string | The ID of the router. |
| subnet_id (Optional) | body | string |
The ID of the subnet.
One of
subnet_id
or
port_id
must be specified.
|
| port_id (Optional) | body | string |
The ID of the port.
One of
subnet_id
or
port_id
must be specified.
|
{
"subnet_id "
:
"a2f1f29d-571b-4533-907f-5803ab96ead1 "
}
or
{
"port_id "
:
"2dc46bcc-d1f2-4077-b99e-91ee28afaff0 "
}
| Name | In | Type | Description |
|---|---|---|---|
| id | body | string | The ID of the router. |
| subnet_id | body | string | The ID of the subnet which the router interface belongs to. |
| subnet_ids | body | array | A list of the ID of the subnet which the router interface belongs to. The list contains only one member. |
| tenant_id | body | string | The ID of the project who owns the router interface. |
| project_id | body | string | The ID of the project who owns the router interface. |
| port_id | body | string | The ID of the port which represents the router interface. |
| network_id | body | string | Network ID which the router interface is connected to. |
| tags | body | array | The list of tags on the resource. |
{
"id "
:
"915a14a6-867b-4af7-83d1-70efceb146f9 "
,
"network_id "
:
"91c013e2-d65a-474e-9177-c3e1799ca726 "
,
"port_id "
:
"2dc46bcc-d1f2-4077-b99e-91ee28afaff0 "
,
"subnet_id "
:
"a2f1f29d-571b-4533-907f-5803ab96ead1 "
,
"subnet_ids "
:
[
"a2f1f29d-571b-4533-907f-5803ab96ead1 "
],
"project_id "
:
"0bd18306d801447bb457a46252d82d13 "
,
"tenant_id "
:
"0bd18306d801447bb457a46252d82d13 "
,
"tags "
:
[
"tag1,tag2 "
]
}
Deletes an internal interface from a logical router.
This operation deletes an internal router interface, which detaches a subnet from the router. If this subnet ID is the last subnet on the port, this operation deletes the port itself. You must specify either a subnet ID or port ID in the request body; the operation uses this value to identify which router interface to deletes.
You can also specify both a subnet ID and port ID. If you
specify both IDs, the subnet ID must correspond to the subnet
ID of the first IP address on the port. Otherwise, this operation
returns the
Conflict
(409)
response code with information about
the affected router and interface.
If you try to delete the router interface for subnets that are used
by one or more
routes
, this operation returns the
Conflict
(409)
response. In this case, you first need to delete such routes from
the router.
If the router or the subnet and port do not exist or are not
visible to you, this operation returns the
Not
Found
(404)
response code. As a consequence of this operation, the operation
removes the port connecting the router with the subnet from the
subnet for the network.
Normal response codes: 200
Error response codes: 400, 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| router_id | path | string | The ID of the router. |
| subnet_id (Optional) | body | string |
The ID of the subnet.
One of
subnet_id
or
port_id
must be specified.
|
| port_id (Optional) | body | string |
The ID of the port.
One of
subnet_id
or
port_id
must be specified.
|
{
"subnet_id "
:
"a2f1f29d-571b-4533-907f-5803ab96ead1 "
}
or
{
"port_id "
:
"2dc46bcc-d1f2-4077-b99e-91ee28afaff0 "
}
| Name | In | Type | Description |
|---|---|---|---|
| id | body | string | The ID of the router. |
| subnet_id | body | string | The ID of the subnet which the router interface belongs to. |
| subnet_ids | body | array | A list of the ID of the subnet which the router interface belongs to. The list contains only one member. |
| tenant_id | body | string | The ID of the project who owns the router interface. |
| project_id | body | string | The ID of the project who owns the router interface. |
| port_id | body | string | The ID of the port which represents the router interface. |
| network_id | body | string | Network ID which the router interface is connected to. |
| tags | body | array | The list of tags on the resource. |
{
"id "
:
"915a14a6-867b-4af7-83d1-70efceb146f9 "
,
"network_id "
:
"91c013e2-d65a-474e-9177-c3e1799ca726 "
,
"port_id "
:
"a5b7d209-dc02-4c46-a51f-805eadd3de64 "
,
"subnet_id "
:
"4e5fe97c-82bc-432e-87d8-06d7e157dffa "
,
"subnet_ids "
:
[
"4e5fe97c-82bc-432e-87d8-06d7e157dffa "
],
"project_id "
:
"0bd18306d801447bb457a46252d82d13 "
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"0bd18306d801447bb457a46252d82d13 "
}
Lists, creates, shows details for, updates, and deletes subnet pools.
The
address-scope
extension adds the
address_scope_id
attribute to
subnet pools.
address_scope_id
is the ID of the address scope that the
subnet pool belongs to.
The
standard-attr-timestamp
extension adds the
created_at
and
updated_at
attributes to all resources that have standard attributes.
The
standard-attr-tag
adds Tag support for resources with
standard attributes by adding the
tags
attribute
allowing consumers to associate tags with resources.
Shows information for a subnet pool.
Use the
fields
query parameter to control which fields are returned in the response body.
Additionally, you can filter results by using query string parameters.
For information, see Filtering and Column Selection
.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| subnetpool_id | path | string | The UUID of the subnet pool. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| subnetpool | body | object |
A
subnetpool
object.
|
| id | body | string | The ID of the subnet pool. |
| name | body | string | Human-readable name of the resource. |
| default_quota (Optional) | body | integer |
A per-project quota on the prefix space that can
be allocated from the subnet pool for project subnets. Default is
no quota is enforced on allocations from the subnet pool. For IPv4
subnet pools,
default_quota
is measured in units of /32. For
IPv6 subnet pools,
default_quota
is measured units of /64. All
projects that use the subnet pool have the same prefix quota
applied.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| prefixes | body | array | A list of subnet prefixes to assign to the subnet pool. The API merges adjacent prefixes and treats them as a single prefix. Each subnet prefix must be unique among all subnet prefixes in all subnet pools that are associated with the address scope. |
| min_prefixlen (Optional) | body | integer |
The smallest prefix that can be allocated from a
subnet pool. For IPv4 subnet pools, default is
8
. For IPv6
subnet pools, default is
64
.
|
| address_scope_id (Optional) | body | object | An address scope to assign to the subnet pool. |
| ip_version (Optional) | body | integer |
The IP protocol version. Valid value is
4
or
6
. Default is
4
.
|
| shared (Optional) | body | boolean | Indicates whether this resource is shared across all projects. By default, only administrative users can change this value. |
| default_prefixlen (Optional) | body | integer |
The size of the prefix to allocate when the
cidr
or
prefixlen
attributes are omitted when you create
the subnet. Default is
min_prefixlen
.
|
| max_prefixlen (Optional) | body | integer |
The maximum prefix size that can be allocated
from the subnet pool. For IPv4 subnet pools, default is
32
.
For IPv6 subnet pools, default is
128
.
|
| description | body | string | A human-readable description for the resource. |
| is_default | body | boolean | The subnetpool is default pool or not. |
| revision_number | body | integer | The revision number of the resource. |
| tags | body | array | The list of tags on the resource. |
{
"subnetpool "
:
{
"min_prefixlen "
:
"64 "
,
"address_scope_id "
:
null
,
"default_prefixlen "
:
"64 "
,
"id "
:
"03f761e6-eee0-43fc-a921-8acf64c14988 "
,
"max_prefixlen "
:
"64 "
,
"name "
:
"my-subnet-pool "
,
"default_quota "
:
null
,
"is_default "
:
false
,
"project_id "
:
"9fadcee8aa7c40cdb2114fff7d569c08 "
,
"tenant_id "
:
"9fadcee8aa7c40cdb2114fff7d569c08 "
,
"created_at "
:
"2016-03-08T20:19:41 "
,
"prefixes "
:
[
"2001:db8:0:2::/64 "
,
"2001:db8::/63 "
],
"updated_at "
:
"2016-03-08T20:19:41 "
,
"ip_version "
:
6
,
"shared "
:
false
,
"description "
:
""
,
"revision_number "
:
2
,
"tags "
:
[
"tag1,tag2 "
]
}
}
Updates a subnet pool.
Normal response codes: 200
Error response codes: 400, 401, 403, 404, 412
| Name | In | Type | Description |
|---|---|---|---|
| subnetpool_id | path | string | The UUID of the subnet pool. |
| subnetpool | body | object |
A
subnetpool
object.
|
| name | body | string | Human-readable name of the resource. |
| default_quota (Optional) | body | integer |
A per-project quota on the prefix space that can
be allocated from the subnet pool for project subnets. Default is
no quota is enforced on allocations from the subnet pool. For IPv4
subnet pools,
default_quota
is measured in units of /32. For
IPv6 subnet pools,
default_quota
is measured units of /64. All
projects that use the subnet pool have the same prefix quota
applied.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| prefixes | body | array | A list of subnet prefixes to assign to the subnet pool. The API merges adjacent prefixes and treats them as a single prefix. Each subnet prefix must be unique among all subnet prefixes in all subnet pools that are associated with the address scope. |
| min_prefixlen (Optional) | body | integer |
The smallest prefix that can be allocated from a
subnet pool. For IPv4 subnet pools, default is
8
. For IPv6
subnet pools, default is
64
.
|
| address_scope_id (Optional) | body | object | An address scope to assign to the subnet pool. |
| default_prefixlen (Optional) | body | integer |
The size of the prefix to allocate when the
cidr
or
prefixlen
attributes are omitted when you create
the subnet. Default is
min_prefixlen
.
|
| max_prefixlen (Optional) | body | integer |
The maximum prefix size that can be allocated
from the subnet pool. For IPv4 subnet pools, default is
32
.
For IPv6 subnet pools, default is
128
.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| is_default (Optional) | body | boolean | The subnetpool is default pool or not. |
{
"subnetpool "
:
{
"name "
:
"my-new-subnetpool-name "
,
"prefixes "
:
[
"2001:db8::/64 "
,
"2001:db8:0:1::/64 "
,
"2001:db8:0:2::/64 "
],
"min_prefixlen "
:
64
,
"default_prefixlen "
:
64
,
"max_prefixlen "
:
64
}
}
| Name | In | Type | Description |
|---|---|---|---|
| subnetpool | body | object |
A
subnetpool
object.
|
| id | body | string | The ID of the subnet pool. |
| name | body | string | Human-readable name of the resource. |
| default_quota (Optional) | body | integer |
A per-project quota on the prefix space that can
be allocated from the subnet pool for project subnets. Default is
no quota is enforced on allocations from the subnet pool. For IPv4
subnet pools,
default_quota
is measured in units of /32. For
IPv6 subnet pools,
default_quota
is measured units of /64. All
projects that use the subnet pool have the same prefix quota
applied.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| prefixes | body | array | A list of subnet prefixes to assign to the subnet pool. The API merges adjacent prefixes and treats them as a single prefix. Each subnet prefix must be unique among all subnet prefixes in all subnet pools that are associated with the address scope. |
| min_prefixlen (Optional) | body | integer |
The smallest prefix that can be allocated from a
subnet pool. For IPv4 subnet pools, default is
8
. For IPv6
subnet pools, default is
64
.
|
| address_scope_id (Optional) | body | object | An address scope to assign to the subnet pool. |
| ip_version (Optional) | body | integer |
The IP protocol version. Valid value is
4
or
6
. Default is
4
.
|
| shared (Optional) | body | boolean | Indicates whether this resource is shared across all projects. By default, only administrative users can change this value. |
| default_prefixlen (Optional) | body | integer |
The size of the prefix to allocate when the
cidr
or
prefixlen
attributes are omitted when you create
the subnet. Default is
min_prefixlen
.
|
| max_prefixlen (Optional) | body | integer |
The maximum prefix size that can be allocated
from the subnet pool. For IPv4 subnet pools, default is
32
.
For IPv6 subnet pools, default is
128
.
|
| description | body | string | A human-readable description for the resource. |
| is_default | body | boolean | The subnetpool is default pool or not. |
| revision_number | body | integer | The revision number of the resource. |
| tags | body | array | The list of tags on the resource. |
{
"subnetpool "
:
{
"name "
:
"my-new-subnetpool-name "
,
"default_quota "
:
null
,
"is_default "
:
false
,
"project_id "
:
"9fadcee8aa7c40cdb2114fff7d569c08 "
,
"tenant_id "
:
"9fadcee8aa7c40cdb2114fff7d569c08 "
,
"prefixes "
:
[
"2001:db8::/63 "
,
"2001:db8:0:2::/64 "
],
"min_prefixlen "
:
64
,
"address_scope_id "
:
null
,
"ip_version "
:
6
,
"shared "
:
false
,
"default_prefixlen "
:
64
,
"id "
:
"03f761e6-eee0-43fc-a921-8acf64c14988 "
,
"max_prefixlen "
:
64
,
"description "
:
""
,
"created_at "
:
"2016-03-08T20:19:41 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"revision_number "
:
2
,
"tags "
:
[
"tag1,tag2 "
]
}
}
Deletes a subnet pool.
The operation fails if any subnets allocated from the subnet pool are still in use.
Normal response codes: 204
Error response codes: 401, 404, 412
| Name | In | Type | Description |
|---|---|---|---|
| subnetpool_id | path | string | The UUID of the subnet pool. |
There is no body content for the response of a successful DELETE request.
Lists subnet pools that the project has access to.
Default policy settings return only the subnet pools owned by the project of the user submitting the request, unless the user has administrative role.
Use the
fields
query parameter to control which fields are returned in the response body.
Additionally, you can filter results by using query string parameters.
For information, see Filtering and Column Selection
.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| name (Optional) | query | string | Filter the list result by the human-readable name of the resource. |
| default_quota (Optional) | query | integer | Filter the subnet pool list result by the quota on the prefix space that can be allocated from the subnet pool for project subnets. |
| tenant_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| project_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| min_prefixlen (Optional) | query | integer | Filter the subnet pool list result by the smallest prefix that can be allocated from a subnet pool. |
| address_scope_id (Optional) | query | string | Filter the subnet pool list result by the address scope that is assigned to the subnet pool. |
| ip_version (Optional) | query | integer |
Filter the list result by the IP protocol version.
Valid value is
4
or
6
.
|
| shared (Optional) | query | boolean | Admin-only. Filter the list result based on whether the resource is shared across all projects. |
| default_prefixlen (Optional) | query | integer |
Filter the subnet pool list result by the size of the prefix to allocate
when the
cidr
or
prefixlen
attributes are omitted when you create
the subnet. Default is
min_prefixlen
.
|
| max_prefixlen (Optional) | query | integer | Filter the subnet pool list result by the maximum prefix size that can be allocated from the subnet pool. |
| description (Optional) | query | string | Filter the list result by the human-readable description of the resource. |
| is_default (Optional) | query | boolean | Filter the subnet pool list result based on if it is a default pool or not. |
| revision_number (Optional) | query | integer | Filter the list result by the revision number of the resource. |
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a subnetpool attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| tags (Optional) | query | string | A list of tags to filter the list result by. Resources that match all tags in this list will be returned. Tags in query must be separated by comma. |
| tags-any (Optional) | query | string | A list of tags to filter the list result by. Resources that match any tag in this list will be returned. Tags in query must be separated by comma. |
| not-tags (Optional) | query | string | A list of tags to filter the list result by. Resources that match all tags in this list will be excluded. Tags in query must be separated by comma. |
| not-tags-any (Optional) | query | string | A list of tags to filter the list result by. Resources that match any tag in this list will be excluded. Tags in query must be separated by comma. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| subnetpools | body | array |
A list of
subnetpool
objects.
|
| id | body | string | The ID of the subnet pool. |
| name | body | string | Human-readable name of the resource. |
| default_quota (Optional) | body | integer |
A per-project quota on the prefix space that can
be allocated from the subnet pool for project subnets. Default is
no quota is enforced on allocations from the subnet pool. For IPv4
subnet pools,
default_quota
is measured in units of /32. For
IPv6 subnet pools,
default_quota
is measured units of /64. All
projects that use the subnet pool have the same prefix quota
applied.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| prefixes | body | array | A list of subnet prefixes to assign to the subnet pool. The API merges adjacent prefixes and treats them as a single prefix. Each subnet prefix must be unique among all subnet prefixes in all subnet pools that are associated with the address scope. |
| min_prefixlen (Optional) | body | integer |
The smallest prefix that can be allocated from a
subnet pool. For IPv4 subnet pools, default is
8
. For IPv6
subnet pools, default is
64
.
|
| address_scope_id (Optional) | body | object | An address scope to assign to the subnet pool. |
| ip_version (Optional) | body | integer |
The IP protocol version. Valid value is
4
or
6
. Default is
4
.
|
| shared (Optional) | body | boolean | Indicates whether this resource is shared across all projects. By default, only administrative users can change this value. |
| default_prefixlen (Optional) | body | integer |
The size of the prefix to allocate when the
cidr
or
prefixlen
attributes are omitted when you create
the subnet. Default is
min_prefixlen
.
|
| max_prefixlen (Optional) | body | integer |
The maximum prefix size that can be allocated
from the subnet pool. For IPv4 subnet pools, default is
32
.
For IPv6 subnet pools, default is
128
.
|
| description | body | string | A human-readable description for the resource. |
| is_default | body | boolean | The subnetpool is default pool or not. |
| revision_number | body | integer | The revision number of the resource. |
| tags | body | array | The list of tags on the resource. |
{
"subnetpools "
:
[
{
"min_prefixlen "
:
"64 "
,
"address_scope_id "
:
null
,
"default_prefixlen "
:
"64 "
,
"id "
:
"03f761e6-eee0-43fc-a921-8acf64c14988 "
,
"max_prefixlen "
:
"64 "
,
"name "
:
"my-subnet-pool-ipv6 "
,
"default_quota "
:
null
,
"is_default "
:
false
,
"project_id "
:
"9fadcee8aa7c40cdb2114fff7d569c08 "
,
"tenant_id "
:
"9fadcee8aa7c40cdb2114fff7d569c08 "
,
"prefixes "
:
[
"2001:db8:0:2::/64 "
,
"2001:db8::/63 "
],
"ip_version "
:
6
,
"shared "
:
false
,
"description "
:
""
,
"created_at "
:
"2016-03-08T20:19:41 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"revision_number "
:
2
,
"tags "
:
[
"tag1,tag2 "
]
},
{
"min_prefixlen "
:
"24 "
,
"address_scope_id "
:
null
,
"default_prefixlen "
:
"25 "
,
"id "
:
"f49a1319-423a-4ee6-ba54-1d95a4f6cc68 "
,
"max_prefixlen "
:
"30 "
,
"name "
:
"my-subnet-pool-ipv4 "
,
"default_quota "
:
null
,
"is_default "
:
false
,
"project_id "
:
"9fadcee8aa7c40cdb2114fff7d569c08 "
,
"tenant_id "
:
"9fadcee8aa7c40cdb2114fff7d569c08 "
,
"prefixes "
:
[
"10.10.0.0/21 "
,
"192.168.0.0/16 "
],
"ip_version "
:
4
,
"shared "
:
false
,
"description "
:
""
,
"created_at "
:
"2016-03-08T20:19:41 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"revision_number "
:
2
,
"tags "
:
[
"tag1,tag2 "
]
}
]
}
Creates a subnet pool.
Normal response codes: 201
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| subnetpool | body | object |
A
subnetpool
object.
|
| name | body | string | Human-readable name of the resource. |
| default_quota (Optional) | body | integer |
A per-project quota on the prefix space that can
be allocated from the subnet pool for project subnets. Default is
no quota is enforced on allocations from the subnet pool. For IPv4
subnet pools,
default_quota
is measured in units of /32. For
IPv6 subnet pools,
default_quota
is measured units of /64. All
projects that use the subnet pool have the same prefix quota
applied.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| prefixes | body | array | A list of subnet prefixes to assign to the subnet pool. The API merges adjacent prefixes and treats them as a single prefix. Each subnet prefix must be unique among all subnet prefixes in all subnet pools that are associated with the address scope. |
| min_prefixlen (Optional) | body | integer |
The smallest prefix that can be allocated from a
subnet pool. For IPv4 subnet pools, default is
8
. For IPv6
subnet pools, default is
64
.
|
| address_scope_id (Optional) | body | object | An address scope to assign to the subnet pool. |
| shared (Optional) | body | boolean | Indicates whether this resource is shared across all projects. By default, only administrative users can change this value. |
| default_prefixlen (Optional) | body | integer |
The size of the prefix to allocate when the
cidr
or
prefixlen
attributes are omitted when you create
the subnet. Default is
min_prefixlen
.
|
| max_prefixlen (Optional) | body | integer |
The maximum prefix size that can be allocated
from the subnet pool. For IPv4 subnet pools, default is
32
.
For IPv6 subnet pools, default is
128
.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| is_default | body | boolean | The subnetpool is default pool or not. |
{
"subnetpool "
:
{
"name "
:
"my-subnet-pool "
,
"prefixes "
:
[
"192.168.0.0/16 "
,
"10.10.0.0/21 "
],
"default_prefixlen "
:
25
,
"min_prefixlen "
:
24
,
"max_prefixlen "
:
30
,
"shared "
:
"false "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| subnetpool | body | object |
A
subnetpool
object.
|
| id | body | string | The ID of the subnet pool. |
| name | body | string | Human-readable name of the resource. |
| default_quota (Optional) | body | integer |
A per-project quota on the prefix space that can
be allocated from the subnet pool for project subnets. Default is
no quota is enforced on allocations from the subnet pool. For IPv4
subnet pools,
default_quota
is measured in units of /32. For
IPv6 subnet pools,
default_quota
is measured units of /64. All
projects that use the subnet pool have the same prefix quota
applied.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| prefixes | body | array | A list of subnet prefixes to assign to the subnet pool. The API merges adjacent prefixes and treats them as a single prefix. Each subnet prefix must be unique among all subnet prefixes in all subnet pools that are associated with the address scope. |
| min_prefixlen (Optional) | body | integer |
The smallest prefix that can be allocated from a
subnet pool. For IPv4 subnet pools, default is
8
. For IPv6
subnet pools, default is
64
.
|
| address_scope_id (Optional) | body | object | An address scope to assign to the subnet pool. |
| ip_version (Optional) | body | integer |
The IP protocol version. Valid value is
4
or
6
. Default is
4
.
|
| shared (Optional) | body | boolean | Indicates whether this resource is shared across all projects. By default, only administrative users can change this value. |
| default_prefixlen (Optional) | body | integer |
The size of the prefix to allocate when the
cidr
or
prefixlen
attributes are omitted when you create
the subnet. Default is
min_prefixlen
.
|
| max_prefixlen (Optional) | body | integer |
The maximum prefix size that can be allocated
from the subnet pool. For IPv4 subnet pools, default is
32
.
For IPv6 subnet pools, default is
128
.
|
| description | body | string | A human-readable description for the resource. |
| is_default | body | boolean | The subnetpool is default pool or not. |
| revision_number | body | integer | The revision number of the resource. |
| tags | body | array | The list of tags on the resource. |
{
"subnetpool "
:
{
"address_scope_id "
:
null
,
"default_prefixlen "
:
25
,
"default_quota "
:
null
,
"description "
:
""
,
"id "
:
"f49a1319-423a-4ee6-ba54-1d95a4f6cc68 "
,
"ip_version "
:
4
,
"is_default "
:
false
,
"max_prefixlen "
:
30
,
"min_prefixlen "
:
24
,
"name "
:
"my-subnet-pool "
,
"prefixes "
:
[
"10.10.0.0/21 "
,
"192.168.0.0/16 "
],
"project_id "
:
"9fadcee8aa7c40cdb2114fff7d569c08 "
,
"revision_number "
:
1
,
"shared "
:
false
,
"created_at "
:
"2016-03-08T20:19:41 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"9fadcee8aa7c40cdb2114fff7d569c08 "
}
}
Add and remove prefixes from a subnet pool prefix list.
Adds prefixes to a subnet pool.
Normal response codes: 200
Error response codes: 400, 401, 403, 404, 409, 412
| Name | In | Type | Description |
|---|---|---|---|
| subnetpool_id | path | string | The UUID of the subnet pool. |
| prefixes | body | array | A list of subnet prefixes to assign to the subnet pool. The API merges adjacent prefixes and treats them as a single prefix. Each subnet prefix must be unique among all subnet prefixes in all subnet pools that are associated with the address scope. |
{
"prefixes "
:
[
"192.168.0.0/24 "
,
"192.168.1.0/24 "
,
"172.16.0.0/21 "
]
}
| Name | In | Type | Description |
|---|---|---|---|
| prefixes | body | array | A list of the subnet prefixes currently assigned to the subnet pool. Adjacent prefixes are merged and treated as a single prefix. |
{
"prefixes "
:
[
"192.168.0.0/23 "
,
"172.16.0.0/21 "
]
}
Remove prefixes from a subnet pool.
Normal response codes: 200
Error response codes: 400, 401, 403, 404, 409, 412
| Name | In | Type | Description |
|---|---|---|---|
| subnetpool_id | path | string | The UUID of the subnet pool. |
| prefixes | body | array | A list of subnet prefixes to remove from the subnet pool. The API splits larger prefixes when a subset prefix is removed, and merges any resulting adjacent prefixes to treat them as a single prefix. |
{
"prefixes "
:
[
"192.168.0.0/24 "
]
}
| Name | In | Type | Description |
|---|---|---|---|
| prefixes | body | array | A list of the subnet prefixes currently assigned to the subnet pool. Adjacent prefixes are merged and treated as a single prefix. |
{
"prefixes "
:
[
"192.168.1.0/24 "
,
"172.16.0.0/21 "
]
}
Lists, shows details for, creates, updates, and deletes subnet resources.
The default subnetpool extension (
default-subnetpools
) allows
administrative users to specify default subnetpools (one per
IP version). Then users can specify the
use_default_subnetpool
attribute when creating a subnet, instead of having to specify the
subnetpool_id
attribute referencing the default subnetpool.
The
standard-attr-timestamp
extension adds the
created_at
and
updated_at
attributes to all resources that have standard attributes.
Subnet allocation extension (
subnet_allocation
) enables allocation of
subnets from a subnet pool.
The Segments
(
segment
) extension makes it possible to associate a
subnet with a specific L2 segment on the network, instead of spanning all the
segments in the network. The association between network and subnet remains,
but an optional
segment_id
field is added to the subnet so that it can be
associated with a particular segment on the network. With multiple subnets on a
network the
segment_id
is used to determine if the subnets are l2-adjacent
or not. Subnets within a network are either all associated to segments, or
none of them are associated to segments.
The subnet segment_id writable (
subnet-segmentid-writable
) extension
enhances the Segments
(
segment
) extension in that now the
segment_id
attribute is also available for write when a subnet is updated.
The segment peer subnet host routes extension (
segments-peer-subnet-host-routes
) extension enhances the Segments
(
segment
) extension in that now the
host_routes
property of the
different Subnets
(
subnets
) in a routed network gets routes to the peer
subnets on different segments added automatically. This ensures that traffic
within an L3 routed network stays within the network even when the default
route is on a different host interface.
Subnet service types extension (
subnet-service-types
) allows administrative
users to set the desired port types for a subnet by adding the
service_types
attributes to
subnets
.
(For example, the
network:floatingip_agent_gateway
service type enables
DVR floating IP agent gateway ports to use the subnet to minimize public
IP address consumption).
The
standard-attr-tag
adds Tag support for resources with
standard attributes by adding the
tags
attribute
allowing consumers to associate tags with resources.
Lists subnets that the project has access to.
Default policy settings return only subnets owned by the project of the user submitting the request, unless the user has administrative role. You can control which attributes are returned by using the fields query parameter. You can filter results by using query string parameters.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| tenant_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| project_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| name (Optional) | query | string | Filter the list result by the human-readable name of the resource. |
| enable_dhcp (Optional) | query | boolean | Filter the subnet list result based on if is enabled or disabled for the subnet. |
| network_id (Optional) | query | string | Filter the subnet list result by the ID of the network to which the subnet belongs. |
| ip_version (Optional) | query | integer |
Filter the subnet list result by the IP protocol version.
Value is
4
or
6
.
|
| gateway_ip (Optional) | query | string | Filter the subnet list result by the gateway IP of this subnet. |
| cidr (Optional) | query | string | Filter the subnet list result by the CIDR of the subnet. |
| description (Optional) | query | string | Filter the list result by the human-readable description of the resource. |
| ipv6_address_mode (Optional) | query | string |
Filter the subnet list result by the IPv6 address modes specifies
mechanisms for assigning IP addresses.
Value is
slaac
,
dhcpv6-stateful
,
dhcpv6-stateless
or
null
.
|
| ipv6_ra_mode (Optional) | query | string |
Filter the subnet list result by the IPv6 router advertisement specifies
whether the networking service should transmit ICMPv6 packets for a subnet.
Value is
slaac
,
dhcpv6-stateful
,
dhcpv6-stateless
or
null
.
|
| revision_number (Optional) | query | integer | Filter the list result by the revision number of the resource. |
| segment_id (Optional) | query | string |
Filter the subnet list result by the ID of a network segment the subnet
is associated with.
It is available when
segment
extension is enabled.
|
| shared (Optional) | query | boolean | Admin-only. Filter the list result based on whether the resource is shared across all projects. |
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a subnet attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| subnetpool_id (Optional) | query | string | Filter the subnet list result by the ID of the subnet pool associated with the subnet. |
| tags (Optional) | query | string | A list of tags to filter the list result by. Resources that match all tags in this list will be returned. Tags in query must be separated by comma. |
| tags-any (Optional) | query | string | A list of tags to filter the list result by. Resources that match any tag in this list will be returned. Tags in query must be separated by comma. |
| not-tags (Optional) | query | string | A list of tags to filter the list result by. Resources that match all tags in this list will be excluded. Tags in query must be separated by comma. |
| not-tags-any (Optional) | query | string | A list of tags to filter the list result by. Resources that match any tag in this list will be excluded. Tags in query must be separated by comma. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| subnets | body | array |
A list of
subnet
objects.
|
| id | body | string | The ID of the subnet. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| name | body | string | Human-readable name of the resource. |
| enable_dhcp | body | boolean | Indicates whether dhcp is enabled or disabled for the subnet. |
| network_id | body | string | The ID of the network to which the subnet belongs. |
| dns_nameservers | body | array | List of dns name servers associated with the subnet. |
| allocation_pools | body | array |
Allocation pools with
start
and
end
IP addresses
for this subnet.
|
| host_routes | body | array |
Additional routes for the subnet. A list of dictionaries with
destination
and
nexthop
parameters.
|
| ip_version | body | integer |
The IP protocol version. Value is
4
or
6
.
|
| gateway_ip | body | string |
Gateway IP of this subnet. If the value is
null
that implies no
gateway is associated with the subnet.
|
| cidr | body | string | The CIDR of the subnet. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | A human-readable description for the resource. |
| ipv6_address_mode | body | string |
The IPv6 address modes specifies mechanisms for assigning IP addresses.
Value is
slaac
,
dhcpv6-stateful
,
dhcpv6-stateless
or
null
.
|
| ipv6_ra_mode | body | string |
The IPv6 router advertisement specifies whether the networking service
should transmit ICMPv6 packets, for a subnet. Value is
slaac
,
dhcpv6-stateful
,
dhcpv6-stateless
or
null
.
|
| revision_number | body | integer | The revision number of the resource. |
| segment_id | body | string |
The ID of a network segment the subnet is associated with.
It is available when
segment
extension is enabled.
|
| service_types | body | array | The service types associated with the subnet. |
| subnetpool_id | body | string | The ID of the subnet pool associated with the subnet. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| tags | body | array | The list of tags on the resource. |
{
"subnets "
:
[
{
"name "
:
"private-subnet "
,
"enable_dhcp "
:
true
,
"network_id "
:
"db193ab3-96e3-4cb3-8fc5-05f4296d0324 "
,
"segment_id "
:
null
,
"project_id "
:
"26a7980765d0414dbc1fc1f88cdb7e6e "
,
"tenant_id "
:
"26a7980765d0414dbc1fc1f88cdb7e6e "
,
"dns_nameservers "
:
[],
"allocation_pools "
:
[
{
"start "
:
"10.0.0.2 "
,
"end "
:
"10.0.0.254 "
}
],
"host_routes "
:
[],
"ip_version "
:
4
,
"gateway_ip "
:
"10.0.0.1 "
,
"cidr "
:
"10.0.0.0/24 "
,
"id "
:
"08eae331-0402-425a-923c-34f7cfe39c1b "
,
"created_at "
:
"2016-10-10T14:35:34Z "
,
"description "
:
""
,
"ipv6_address_mode "
:
null
,
"ipv6_ra_mode "
:
null
,
"revision_number "
:
2
,
"service_types "
:
[],
"subnetpool_id "
:
null
,
"tags "
:
[
"tag1,tag2 "
],
"updated_at "
:
"2016-10-10T14:35:34Z "
},
{
"name "
:
"my_subnet "
,
"enable_dhcp "
:
true
,
"network_id "
:
"d32019d3-bc6e-4319-9c1d-6722fc136a22 "
,
"segment_id "
:
null
,
"project_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"tenant_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"dns_nameservers "
:
[],
"allocation_pools "
:
[
{
"start "
:
"192.0.0.2 "
,
"end "
:
"192.255.255.254 "
}
],
"host_routes "
:
[],
"ip_version "
:
4
,
"gateway_ip "
:
"192.0.0.1 "
,
"cidr "
:
"192.0.0.0/8 "
,
"id "
:
"54d6f61d-db07-451c-9ab3-b9609b6b6f0b "
,
"created_at "
:
"2016-10-10T14:35:47Z "
,
"description "
:
""
,
"ipv6_address_mode "
:
null
,
"ipv6_ra_mode "
:
null
,
"revision_number "
:
2
,
"service_types "
:
[],
"subnetpool_id "
:
null
,
"tags "
:
[
"tag1,tag2 "
],
"updated_at "
:
"2016-10-10T14:35:47Z "
}
]
}
Creates a subnet on a network.
OpenStack Networking does not try to derive the correct IP version
from the CIDR. If you do not specify the
gateway_ip
attribute,
OpenStack Networking allocates an address from the CIDR for the
gateway for the subnet.
To specify a subnet without a gateway, set the
gateway_ip
attribute to
null
in the request body. If you do not specify
the
allocation_pools
attribute, OpenStack Networking
automatically allocates pools for covering all IP addresses in the
CIDR, excluding the address reserved for the subnet gateway.
Otherwise, you can explicitly specify allocation pools as shown in
the following example.
When you specify both the
allocation_pools
and
gateway_ip
attributes, you must ensure that the gateway IP does not overlap
with the allocation pools; otherwise, the call returns the
Conflict
(409)
response code.
A subnet can have one or more name servers and host routes. Hosts in this subnet use the name servers. Devices with IP addresses from this subnet, not including the local subnet route, use the host routes.
Specify the
ipv6_ra_mode
and
ipv6_address_mode
attributes
to create subnets that support IPv6 configurations, such as
stateless address autoconfiguration (SLAAC), DHCPv6 stateful, and
DHCPv6 stateless configurations.
A subnet can optionally be associated with a network segment when
it is created by specifying the
segment_id
of a valid segment
on the specified network. A network with subnets associated in this
way is called a routed network. On any given network, all of the
subnets must be associated with segments or none of them can be.
Neutron enforces this invariant. Currently, routed networks are
only supported for provider networks.
Normal response codes: 201
Error response codes: 400, 401, 403, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| subnet | body | object |
A
subnet
object.
|
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| enable_dhcp (Optional) | body | boolean |
Indicates whether dhcp is enabled or disabled
for the subnet. Default is
true
.
|
| network_id | body | string | The ID of the network to which the subnet belongs. |
| dns_nameservers (Optional) | body | array | List of dns name servers associated with the subnet. Default is an empty list. |
| allocation_pools (Optional) | body | array |
Allocation pools with
start
and
end
IP addresses
for this subnet. If allocation_pools are not specified, OpenStack
Networking automatically allocates pools for covering all IP addresses
in the CIDR, excluding the address reserved for the subnet gateway by
default.
|
| host_routes (Optional) | body | array |
Additional routes for the subnet. A list of dictionaries with
destination
and
nexthop
parameters. Default value is
an empty list.
|
| ip_version | body | integer |
The IP protocol version. Value is
4
or
6
.
|
| gateway_ip (Optional) | body | string |
Gateway IP of this subnet. If the value is
null
that implies no
gateway is associated with the subnet. If the gateway_ip is not
specified, OpenStack Networking allocates an address from the CIDR
for the gateway for the subnet by default.
|
| cidr | body | string | The CIDR of the subnet. |
| prefixlen (Optional) | body | integer |
The prefix length to use for subnet allocation from a subnet pool.
If not specified, the
default_prefixlen
value of the subnet pool
will be used.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| ipv6_address_mode (Optional) | body | string |
The IPv6 address modes specifies mechanisms for assigning IP addresses.
Value is
slaac
,
dhcpv6-stateful
,
dhcpv6-stateless
.
|
| ipv6_ra_mode (Optional) | body | string |
The IPv6 router advertisement specifies whether the networking service
should transmit ICMPv6 packets, for a subnet. Value is
slaac
,
dhcpv6-stateful
,
dhcpv6-stateless
.
|
| segment_id (Optional) | body | string |
The ID of a network segment the subnet is associated with.
It is available when
segment
extension is enabled.
|
| subnetpool_id (Optional) | body | string | The ID of the subnet pool associated with the subnet. |
| use_default_subnetpool (Optional) | body | boolean | Whether to allocate this subnet from the default subnet pool. |
| service_types (Optional) | body | array | The service types associated with the subnet. |
{
"subnet "
:
{
"network_id "
:
"d32019d3-bc6e-4319-9c1d-6722fc136a22 "
,
"ip_version "
:
4
,
"cidr "
:
"192.168.199.0/24 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| subnet | body | object |
A
subnet
object.
|
| id | body | string | The ID of the subnet. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| name | body | string | Human-readable name of the resource. |
| enable_dhcp | body | boolean | Indicates whether dhcp is enabled or disabled for the subnet. |
| network_id | body | string | The ID of the network to which the subnet belongs. |
| dns_nameservers | body | array | List of dns name servers associated with the subnet. |
| allocation_pools | body | array |
Allocation pools with
start
and
end
IP addresses
for this subnet.
|
| host_routes | body | array |
Additional routes for the subnet. A list of dictionaries with
destination
and
nexthop
parameters.
|
| ip_version | body | integer |
The IP protocol version. Value is
4
or
6
.
|
| gateway_ip | body | string |
Gateway IP of this subnet. If the value is
null
that implies no
gateway is associated with the subnet.
|
| cidr | body | string | The CIDR of the subnet. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | A human-readable description for the resource. |
| ipv6_address_mode | body | string |
The IPv6 address modes specifies mechanisms for assigning IP addresses.
Value is
slaac
,
dhcpv6-stateful
,
dhcpv6-stateless
or
null
.
|
| ipv6_ra_mode | body | string |
The IPv6 router advertisement specifies whether the networking service
should transmit ICMPv6 packets, for a subnet. Value is
slaac
,
dhcpv6-stateful
,
dhcpv6-stateless
or
null
.
|
| revision_number | body | integer | The revision number of the resource. |
| service_types | body | array | The service types associated with the subnet. |
| subnetpool_id | body | string | The ID of the subnet pool associated with the subnet. |
| segment_id | body | string |
The ID of a network segment the subnet is associated with.
It is available when
segment
extension is enabled.
|
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| tags | body | array | The list of tags on the resource. |
{
"subnet "
:
{
"name "
:
""
,
"enable_dhcp "
:
true
,
"network_id "
:
"d32019d3-bc6e-4319-9c1d-6722fc136a22 "
,
"segment_id "
:
null
,
"project_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"tenant_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"dns_nameservers "
:
[],
"allocation_pools "
:
[
{
"start "
:
"192.168.199.2 "
,
"end "
:
"192.168.199.254 "
}
],
"host_routes "
:
[],
"ip_version "
:
4
,
"gateway_ip "
:
"192.168.199.1 "
,
"cidr "
:
"192.168.199.0/24 "
,
"id "
:
"3b80198d-4f7b-4f77-9ef5-774d54e17126 "
,
"created_at "
:
"2016-10-10T14:35:47Z "
,
"description "
:
""
,
"ipv6_address_mode "
:
null
,
"ipv6_ra_mode "
:
null
,
"revision_number "
:
1
,
"service_types "
:
[],
"subnetpool_id "
:
null
,
"tags "
:
[
"tag1,tag2 "
],
"updated_at "
:
"2016-10-10T14:35:47Z "
}
}
Creates multiple subnets in a single request. Specify a list of subnets in the request body.
The bulk create operation is always atomic. Either all or no subnets in the request body are created.
Normal response codes: 201
Error response codes: 400, 401, 403, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| subnets | body | array |
A list of
subnet
objects.
|
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| enable_dhcp (Optional) | body | boolean |
Indicates whether dhcp is enabled or disabled
for the subnet. Default is
true
.
|
| network_id | body | string | The ID of the network to which the subnet belongs. |
| dns_nameservers (Optional) | body | array | List of dns name servers associated with the subnet. Default is an empty list. |
| allocation_pools (Optional) | body | array |
Allocation pools with
start
and
end
IP addresses
for this subnet. If allocation_pools are not specified, OpenStack
Networking automatically allocates pools for covering all IP addresses
in the CIDR, excluding the address reserved for the subnet gateway by
default.
|
| host_routes (Optional) | body | array |
Additional routes for the subnet. A list of dictionaries with
destination
and
nexthop
parameters. Default value is
an empty list.
|
| ip_version | body | integer |
The IP protocol version. Value is
4
or
6
.
|
| gateway_ip (Optional) | body | string |
Gateway IP of this subnet. If the value is
null
that implies no
gateway is associated with the subnet. If the gateway_ip is not
specified, OpenStack Networking allocates an address from the CIDR
for the gateway for the subnet by default.
|
| cidr | body | string | The CIDR of the subnet. |
| prefixlen (Optional) | body | integer |
The prefix length to use for subnet allocation from a subnet pool.
If not specified, the
default_prefixlen
value of the subnet pool
will be used.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| ipv6_address_mode (Optional) | body | string |
The IPv6 address modes specifies mechanisms for assigning IP addresses.
Value is
slaac
,
dhcpv6-stateful
,
dhcpv6-stateless
.
|
| ipv6_ra_mode (Optional) | body | string |
The IPv6 router advertisement specifies whether the networking service
should transmit ICMPv6 packets, for a subnet. Value is
slaac
,
dhcpv6-stateful
,
dhcpv6-stateless
.
|
| segment_id (Optional) | body | string |
The ID of a network segment the subnet is associated with.
It is available when
segment
extension is enabled.
|
| subnetpool_id (Optional) | body | string | The ID of the subnet pool associated with the subnet. |
| use_default_subnetpool (Optional) | body | boolean | Whether to allocate this subnet from the default subnet pool. |
| service_types (Optional) | body | array | The service types associated with the subnet. |
{
"subnets "
:
[
{
"cidr "
:
"192.168.199.0/24 "
,
"ip_version "
:
4
,
"network_id "
:
"e6031bc2-901a-4c66-82da-f4c32ed89406 "
},
{
"cidr "
:
"10.56.4.0/22 "
,
"ip_version "
:
4
,
"network_id "
:
"64239a54-dcc4-4b39-920b-b37c2144effa "
}
]
}
| Name | In | Type | Description |
|---|---|---|---|
| subnets | body | array |
A list of
subnet
objects.
|
| id | body | string | The ID of the subnet. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| name | body | string | Human-readable name of the resource. |
| enable_dhcp | body | boolean | Indicates whether dhcp is enabled or disabled for the subnet. |
| network_id | body | string | The ID of the network to which the subnet belongs. |
| dns_nameservers | body | array | List of dns name servers associated with the subnet. |
| allocation_pools | body | array |
Allocation pools with
start
and
end
IP addresses
for this subnet.
|
| host_routes | body | array |
Additional routes for the subnet. A list of dictionaries with
destination
and
nexthop
parameters.
|
| ip_version | body | integer |
The IP protocol version. Value is
4
or
6
.
|
| gateway_ip | body | string |
Gateway IP of this subnet. If the value is
null
that implies no
gateway is associated with the subnet.
|
| cidr | body | string | The CIDR of the subnet. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | A human-readable description for the resource. |
| ipv6_address_mode | body | string |
The IPv6 address modes specifies mechanisms for assigning IP addresses.
Value is
slaac
,
dhcpv6-stateful
,
dhcpv6-stateless
or
null
.
|
| ipv6_ra_mode | body | string |
The IPv6 router advertisement specifies whether the networking service
should transmit ICMPv6 packets, for a subnet. Value is
slaac
,
dhcpv6-stateful
,
dhcpv6-stateless
or
null
.
|
| revision_number | body | integer | The revision number of the resource. |
| segment_id | body | string |
The ID of a network segment the subnet is associated with.
It is available when
segment
extension is enabled.
|
| service_types | body | array | The service types associated with the subnet. |
| subnetpool_id | body | string | The ID of the subnet pool associated with the subnet. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| tags | body | array | The list of tags on the resource. |
{
"subnets "
:
[
{
"allocation_pools "
:
[
{
"end "
:
"192.168.199.254 "
,
"start "
:
"192.168.199.2 "
}
],
"cidr "
:
"192.168.199.0/24 "
,
"dns_nameservers "
:
[],
"enable_dhcp "
:
true
,
"gateway_ip "
:
"192.168.199.1 "
,
"host_routes "
:
[],
"id "
:
"0468a7a7-290d-4127-aedd-6c9449775a24 "
,
"ip_version "
:
4
,
"name "
:
""
,
"network_id "
:
"e6031bc2-901a-4c66-82da-f4c32ed89406 "
,
"segment_id "
:
null
,
"project_id "
:
"d19231fc08ec4bc4829b668040d34512 "
,
"tenant_id "
:
"d19231fc08ec4bc4829b668040d34512 "
,
"created_at "
:
"2016-10-10T14:35:47Z "
,
"description "
:
""
,
"ipv6_address_mode "
:
null
,
"ipv6_ra_mode "
:
null
,
"revision_number "
:
1
,
"service_types "
:
[],
"subnetpool_id "
:
null
,
"tags "
:
[
"tag1,tag2 "
],
"updated_at "
:
"2016-10-10T14:35:47Z "
},
{
"allocation_pools "
:
[
{
"end "
:
"10.56.7.254 "
,
"start "
:
"10.56.4.2 "
}
],
"cidr "
:
"10.56.4.0/22 "
,
"dns_nameservers "
:
[],
"enable_dhcp "
:
true
,
"gateway_ip "
:
"10.56.4.1 "
,
"host_routes "
:
[],
"id "
:
"b0e7435c-1512-45fb-aa9e-9a7c5932fb30 "
,
"ip_version "
:
4
,
"name "
:
""
,
"network_id "
:
"64239a54-dcc4-4b39-920b-b37c2144effa "
,
"segment_id "
:
null
,
"project_id "
:
"d19231fc08ec4bc4829b668040d34512 "
,
"tenant_id "
:
"d19231fc08ec4bc4829b668040d34512 "
,
"created_at "
:
"2016-10-10T14:35:34Z "
,
"description "
:
""
,
"ipv6_address_mode "
:
null
,
"ipv6_ra_mode "
:
null
,
"revision_number "
:
1
,
"service_types "
:
[],
"subnetpool_id "
:
null
,
"tags "
:
[
"tag1,tag2 "
],
"updated_at "
:
"2016-10-10T14:35:34Z "
}
]
}
Shows details for a subnet.
Use the fields query parameter to filter the results.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| subnet_id | path | string | The ID of the subnet. |
| Name | In | Type | Description |
|---|---|---|---|
| subnet | body | object |
A
subnet
object.
|
| id | body | string | The ID of the subnet. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| name | body | string | Human-readable name of the resource. |
| enable_dhcp | body | boolean | Indicates whether dhcp is enabled or disabled for the subnet. |
| network_id | body | string | The ID of the network to which the subnet belongs. |
| dns_nameservers | body | array | List of dns name servers associated with the subnet. |
| allocation_pools | body | array |
Allocation pools with
start
and
end
IP addresses
for this subnet.
|
| host_routes | body | array |
Additional routes for the subnet. A list of dictionaries with
destination
and
nexthop
parameters.
|
| ip_version | body | integer |
The IP protocol version. Value is
4
or
6
.
|
| gateway_ip | body | string |
Gateway IP of this subnet. If the value is
null
that implies no
gateway is associated with the subnet.
|
| cidr | body | string | The CIDR of the subnet. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| description | body | string | A human-readable description for the resource. |
| ipv6_address_mode | body | string |
The IPv6 address modes specifies mechanisms for assigning IP addresses.
Value is
slaac
,
dhcpv6-stateful
,
dhcpv6-stateless
or
null
.
|
| ipv6_ra_mode | body | string |
The IPv6 router advertisement specifies whether the networking service
should transmit ICMPv6 packets, for a subnet. Value is
slaac
,
dhcpv6-stateful
,
dhcpv6-stateless
or
null
.
|
| revision_number | body | integer | The revision number of the resource. |
| segment_id | body | string |
The ID of a network segment the subnet is associated with.
It is available when
segment
extension is enabled.
|
| service_types | body | array | The service types associated with the subnet. |
| subnetpool_id | body | string | The ID of the subnet pool associated with the subnet. |
| tags | body | array | The list of tags on the resource. |
{
"subnet "
:
{
"name "
:
"my_subnet "
,
"enable_dhcp "
:
true
,
"network_id "
:
"d32019d3-bc6e-4319-9c1d-6722fc136a22 "
,
"segment_id "
:
null
,
"project_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"tenant_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"created_at "
:
"2016-03-08T20:19:41 "
,
"dns_nameservers "
:
[],
"allocation_pools "
:
[
{
"start "
:
"192.0.0.2 "
,
"end "
:
"192.255.255.254 "
}
],
"host_routes "
:
[],
"ip_version "
:
4
,
"gateway_ip "
:
"192.0.0.1 "
,
"cidr "
:
"192.0.0.0/8 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"id "
:
"54d6f61d-db07-451c-9ab3-b9609b6b6f0b "
,
"description "
:
""
,
"ipv6_address_mode "
:
null
,
"ipv6_ra_mode "
:
null
,
"revision_number "
:
2
,
"service_types "
:
[],
"subnetpool_id "
:
null
,
"tags "
:
[
"tag1,tag2 "
]
}
}
Updates a subnet.
Some attributes, such as IP version (ip_version), CIDR (cidr), and
segment (segment_id) cannot be updated. Attempting to update these
attributes results in a
400
Bad
Request
error.
Normal response codes: 200
Error response codes: 400, 401, 403, 404, 412
| Name | In | Type | Description |
|---|---|---|---|
| subnet_id | path | string | The ID of the subnet. |
| name (Optional) | body | string | Human-readable name of the resource. |
| enable_dhcp (Optional) | body | boolean |
Indicates whether dhcp is enabled or disabled
for the subnet. Default is
true
.
|
| dns_nameservers (Optional) | body | array | List of dns name servers associated with the subnet. Default is an empty list. |
| allocation_pools (Optional) | body | array |
Allocation pools with
start
and
end
IP addresses
for this subnet. If allocation_pools are not specified, OpenStack
Networking automatically allocates pools for covering all IP addresses
in the CIDR, excluding the address reserved for the subnet gateway by
default.
|
| host_routes (Optional) | body | array |
Additional routes for the subnet. A list of dictionaries with
destination
and
nexthop
parameters. Default value is
an empty list.
|
| gateway_ip (Optional) | body | string |
Gateway IP of this subnet. If the value is
null
that implies no
gateway is associated with the subnet. If the gateway_ip is not
specified, OpenStack Networking allocates an address from the CIDR
for the gateway for the subnet by default.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| service_types (Optional) | body | array | The service types associated with the subnet. |
| segment_id (Optional) | body | string |
The ID of a network segment the subnet is associated with.
It is available when
segment
extension is enabled.
|
{
"subnet "
:
{
"name "
:
"my_subnet "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| subnet | body | object |
A
subnet
object.
|
| id | body | string | The ID of the subnet. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| name | body | string | Human-readable name of the resource. |
| enable_dhcp | body | boolean | Indicates whether dhcp is enabled or disabled for the subnet. |
| network_id | body | string | The ID of the network to which the subnet belongs. |
| dns_nameservers | body | array | List of dns name servers associated with the subnet. |
| allocation_pools | body | array |
Allocation pools with
start
and
end
IP addresses
for this subnet.
|
| host_routes | body | array |
Additional routes for the subnet. A list of dictionaries with
destination
and
nexthop
parameters.
|
| ip_version | body | integer |
The IP protocol version. Value is
4
or
6
.
|
| gateway_ip | body | string |
Gateway IP of this subnet. If the value is
null
that implies no
gateway is associated with the subnet.
|
| cidr | body | string | The CIDR of the subnet. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | A human-readable description for the resource. |
| ipv6_address_mode | body | string |
The IPv6 address modes specifies mechanisms for assigning IP addresses.
Value is
slaac
,
dhcpv6-stateful
,
dhcpv6-stateless
or
null
.
|
| ipv6_ra_mode | body | string |
The IPv6 router advertisement specifies whether the networking service
should transmit ICMPv6 packets, for a subnet. Value is
slaac
,
dhcpv6-stateful
,
dhcpv6-stateless
or
null
.
|
| revision_number | body | integer | The revision number of the resource. |
| segment_id | body | string |
The ID of a network segment the subnet is associated with.
It is available when
segment
extension is enabled.
|
| service_types | body | array | The service types associated with the subnet. |
| subnetpool_id | body | string | The ID of the subnet pool associated with the subnet. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| tags | body | array | The list of tags on the resource. |
{
"subnet "
:
{
"name "
:
"my_subnet "
,
"enable_dhcp "
:
true
,
"network_id "
:
"db193ab3-96e3-4cb3-8fc5-05f4296d0324 "
,
"revision_number "
:
1
,
"segment_id "
:
null
,
"project_id "
:
"26a7980765d0414dbc1fc1f88cdb7e6e "
,
"tenant_id "
:
"26a7980765d0414dbc1fc1f88cdb7e6e "
,
"created_at "
:
"2016-03-08T20:19:41 "
,
"dns_nameservers "
:
[],
"service_types "
:
[],
"allocation_pools "
:
[
{
"start "
:
"10.0.0.2 "
,
"end "
:
"10.0.0.254 "
}
],
"host_routes "
:
[],
"ip_version "
:
4
,
"gateway_ip "
:
"10.0.0.1 "
,
"cidr "
:
"10.0.0.0/24 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"id "
:
"08eae331-0402-425a-923c-34f7cfe39c1b "
,
"description "
:
""
,
"tags "
:
[
"tag1,tag2 "
]
}
}
Deletes a subnet.
The operation fails if subnet IP addresses are still allocated.
Normal response codes: 204
Error response codes: 401, 404, 412
| Name | In | Type | Description |
|---|---|---|---|
| subnet_id | path | string | The ID of the subnet. |
There is no body content for the response of a successful DELETE request.
Note
While FWaaS v1.0 is still maintained, new features will be implemented in FWaaS v2.0 API.
Use the Firewall-as-a-Service (FWaaS) v1.0 extension to deploy firewalls to protect your networks.
The FWaaS extension enables you to:
This extension introduces these resources:
firewall
. A logical firewall resource that a project can
instantiate and manage. A firewall can have one firewall policy.
firewall_policy
. An ordered collection of firewall rules. You
can share a firewall policy across projects. You can include a
firewall policy as part of an audit workflow so that an
authorized relevant entity can audit the firewall policy. This
entity can differ from the user who created, or the projects
that use, the firewall policy.
firewall_rule
. A collection of attributes, such as ports and
IP addresses. These attributes define match criteria and an
action to take, such as allow or deny, on matched data traffic.
Lists all firewall policies.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| tenant_id | body | string | The ID of the project. |
| firewall_policies | body | array |
A list of
firewall_policy
objects.
|
| audited | body | boolean |
Each time that the firewall policy or its
associated rules are changed, the API sets this attribute to
false
. To audit the policy, explicitly set this attribute to
true
.
|
| description | body | string | A human-readable description for the resource. |
| firewall_rules | body | array | A list of the IDs for firewall rule associated with the firewall policy. |
| id | body | string | The ID of the policy that is associated with the firewall. |
| name | body | string | Human-readable name of the resource. |
| shared | body | boolean | Indicates whether this resource is shared across all projects. |
| project_id | body | string | The ID of the project. |
{
"firewall_policies "
:
[
{
"audited "
:
false
,
"description "
:
""
,
"firewall_rules "
:
[
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
],
"id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"name "
:
"test-policy "
,
"shared "
:
false
,
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
]
}
Creates a firewall policy.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| firewall_policy | body | object |
A
firewall_policy
object.
|
| firewall_rules_id (Optional) | body | array | A list of rules to associate with the firewall policy. |
| name | body | string | Human-readable name of the resource. |
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| shared (Optional) | body | boolean | Indicates whether this resource is shared across all projects. By default, only administrative users can change this value. |
| audited | body | boolean |
Each time that the firewall policy or its
associated rules are changed, the API sets this attribute to
false
. To audit the policy, explicitly set this attribute to
true
.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
{
"firewall_policy "
:
{
"firewall_rules "
:
[
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
],
"name "
:
"test-policy "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| firewall_policy | body | object |
A
firewall_policy
object.
|
| name | body | string | Human-readable name of the resource. |
| firewall_rules | body | array | A list of the IDs for firewall rule associated with the firewall policy. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| audited | body | boolean |
Each time that the firewall policy or its
associated rules are changed, the API sets this attribute to
false
. To audit the policy, explicitly set this attribute to
true
.
|
| shared | body | boolean | Indicates whether this resource is shared across all projects. |
| id | body | string | The ID of the policy that is associated with the firewall. |
| description | body | string | A human-readable description for the resource. |
Shows details for a firewall policy.
If the user is not an administrative user and the firewall policy
object does not belong to the project, this call returns the
Forbidden
(403)
response code.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| firewall_policy_id | path | string | The ID of the firewall policy. |
| Name | In | Type | Description |
|---|---|---|---|
| firewall_policy | body | object |
A
firewall_policy
object.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| audited | body | boolean |
Each time that the firewall policy or its
associated rules are changed, the API sets this attribute to
false
. To audit the policy, explicitly set this attribute to
true
.
|
| description | body | string | A human-readable description for the resource. |
| firewall_rules | body | array | A list of the IDs for firewall rule associated with the firewall policy. |
| id | body | string | The ID of the policy that is associated with the firewall. |
| name | body | string | Human-readable name of the resource. |
| shared | body | boolean | Indicates whether this resource is shared across all projects. |
{
"firewall_policy "
:
{
"audited "
:
false
,
"description "
:
""
,
"firewall_rules "
:
[
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
],
"id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"name "
:
"test-policy "
,
"shared "
:
false
,
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
}
Updates a firewall policy.
Normal response codes: 200
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| firewall_policy_id | path | string | The ID of the firewall policy. |
| firewall_rule | body | object |
A
firewall_rule
object.
|
| shared (Optional) | body | boolean | Indicates whether this resource is shared across all projects. By default, only administrative users can change this value. |
| audited | body | boolean |
Each time that the firewall policy or its
associated rules are changed, the API sets this attribute to
false
. To audit the policy, explicitly set this attribute to
true
.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| name | body | string | Human-readable name of the resource. |
{
"firewall_policy "
:
{
"firewall_rules "
:
[
"a08ef905-0ff6-4784-8374-175fffe7dade "
,
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
]
}
}
| Name | In | Type | Description |
|---|---|---|---|
| firewall_policy | body | object |
A
firewall_policy
object.
|
| project_id | body | string | The ID of the project. |
| audited | body | boolean |
Each time that the firewall policy or its
associated rules are changed, the API sets this attribute to
false
. To audit the policy, explicitly set this attribute to
true
.
|
| description | body | string | A human-readable description for the resource. |
| firewall_rules | body | array | A list of the IDs for firewall rule associated with the firewall policy. |
| id | body | string | The ID of the policy that is associated with the firewall. |
| name | body | string | Human-readable name of the resource. |
| shared | body | boolean | Indicates whether this resource is shared across all projects. |
| tenant_id | body | string | The ID of the project. |
{
"firewall_policy "
:
{
"audited "
:
false
,
"description "
:
""
,
"firewall_rules "
:
[
"a08ef905-0ff6-4784-8374-175fffe7dade "
,
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
],
"id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"name "
:
"test-policy "
,
"shared "
:
false
,
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
}
Deletes a firewall policy.
Normal response codes: 204
Error response codes: 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| firewall_policy_id | path | string | The ID of the firewall policy. |
There is no body content for the response of a successful DELETE request.
Insert firewall rule into a policy.
A firewall_rule_id is inserted relative to the position of the
firewall_rule_id set in
insert_before
or
insert_after
. If
insert_before
is set,
insert_after
is ignored. If both
insert_before
and
insert_after
are not set, the new
firewall_rule_id is inserted at the top of the policy.
Normal response codes: 200
Error response codes: 400, 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| firewall_policy_id | path | string | The ID of the firewall policy. |
| firewall_rule_id | body | string | The ID of the firewall rule. |
| insert_after (Optional) | body | string | The ID of the firewall_rule. A new firewall_rule will be inserted after this firewall_rule. |
| insert_before (Optional) | body | string | The ID of the firewall_rule. A new firewall_rule will be inserted before this firewall_rule. |
{
"firewall_rule_id "
:
"7bc34b8c-8d3b-4ada-a9c8-1f4c11c65692 "
,
"insert_after "
:
"a08ef905-0ff6-4784-8374-175fffe7dade "
,
"insert_before "
:
""
}
| Name | In | Type | Description |
|---|---|---|---|
| audited | body | boolean |
Each time that the firewall policy or its
associated rules are changed, the API sets this attribute to
false
. To audit the policy, explicitly set this attribute to
true
.
|
| description | body | string | A human-readable description for the resource. |
| firewall_list | body | array | A list of the IDs of firewalls associated with the firewall policy. |
| firewall_rules | body | array | A list of the IDs for firewall rule associated with the firewall policy. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| id | body | string | The ID of the policy that is associated with the firewall. |
| name | body | string | Human-readable name of the resource. |
| shared | body | boolean | Indicates whether this resource is shared across all projects. |
{
"audited "
:
false
,
"description "
:
""
,
"firewall_list "
:
[],
"firewall_rules "
:
[
"a08ef905-0ff6-4784-8374-175fffe7dade "
,
"7bc34b8c-8d3b-4ada-a9c8-1f4c11c65692 "
,
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
],
"id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"name "
:
"test-policy "
,
"shared "
:
false
,
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
Remove firewall rule from a policy.
Normal response codes: 200
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| firewall_policy_id | path | string | The ID of the firewall policy. |
| firewall_rule_id | body | string | The ID of the firewall rule. |
{
"firewall_rule_id "
:
"7bc34b8c-8d3b-4ada-a9c8-1f4c11c65692 "
}
| Name | In | Type | Description |
|---|---|---|---|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| audited | body | boolean |
Each time that the firewall policy or its
associated rules are changed, the API sets this attribute to
false
. To audit the policy, explicitly set this attribute to
true
.
|
| description | body | string | A human-readable description for the resource. |
| firewall_list | body | array | A list of the IDs of firewalls associated with the firewall policy. |
| firewall_rules | body | array | A list of the IDs for firewall rule associated with the firewall policy. |
| id | body | string | The ID of the FWaaS v1 firewall. |
| name | body | string | Human-readable name of the resource. |
| shared | body | boolean | Indicates whether this resource is shared across all projects. |
{
"audited "
:
false
,
"description "
:
""
,
"firewall_list "
:
[],
"firewall_rules "
:
[
"a08ef905-0ff6-4784-8374-175fffe7dade "
,
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
],
"id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"name "
:
"test-policy "
,
"shared "
:
false
,
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
Lists all firewall rules.
The list might be empty.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| firewall_rule | body | object |
A
firewall_rule
object.
|
| action | body | string |
The action that the API performs on traffic that
matches the firewall rule. Valid value is
allow
,
deny
or
reject
.
Default is
deny
.
|
| description | body | string | A human-readable description for the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| destination_ip_address | body | string | The destination IPv4 or IPv6 address or CIDR. No default. |
| destination_port | body | string |
The destination port or port range. A valid
value is a port number, as an integer, or a port range, in the
format of a
:
separated range. For a port range, include both
ends of the range. For example,
80:90
.
|
| enabled | body | boolean |
Set to
false
to disable this rule in the
firewall policy. Facilitates selectively turning off rules without
having to disassociate the rule from the firewall policy. Valid
value is
true
or
false
. Default is
true
.
|
| firewall_policy_id | body | string | The ID of the policy that is associated with the firewall. |
| id | body | string | The ID of the FWaaS v1 firewall. |
| ip_version | body | integer |
The IP protocol version. Valid value is
4
or
6
. Default is
4
.
|
| name | body | string | Human-readable name of the resource. |
| position | body | integer |
Read-only attribute that the API assigns to this
rule when it associates it with a firewall policy. This value
indicates the position of this rule in that firewall policy. This
position number starts at 1. If the firewall rule is not
associated with any policy, the position is
null
.
|
| protocol | body | string |
The IP protocol. Valid value is
icmp
,
tcp
,
udp
, or
null
. No default.
|
| shared | body | boolean | Indicates whether this resource is shared across all projects. |
| source_ip_address (Optional) | body | string | The source IPv4 or IPv6 address or CIDR. |
| source_port (Optional) | body | string |
The source port or port range. A valid value is
a port number, as an integer, or a port range, in the format of a
:
separated range. For a port range, include both ends of the
range. For example,
80:90
.
|
{
"firewall_rules "
:
[
{
"action "
:
"allow "
,
"description "
:
""
,
"destination_ip_address "
:
null
,
"destination_port "
:
"80 "
,
"enabled "
:
true
,
"firewall_policy_id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"id "
:
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
,
"ip_version "
:
4
,
"name "
:
"ALLOW_HTTP "
,
"position "
:
1
,
"protocol "
:
"tcp "
,
"shared "
:
false
,
"source_ip_address "
:
null
,
"source_port "
:
null
,
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
]
}
Creates a firewall rule.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| firewall_rule | body | object |
A
firewall_rule
object.
|
| action (Optional) | body | string |
The action that the API performs on traffic that
matches the firewall rule. Valid value is
allow
or
deny
.
Default is
deny
.
|
| destination_port (Optional) | body | string |
The destination port or port range. A valid
value is a port number, as an integer, or a port range, in the
format of a
:
separated range. For a port range, include both
ends of the range. For example,
80:90
.
|
| enabled (Optional) | body | boolean |
Set to
false
to disable this rule in the
firewall policy. Facilitates selectively turning off rules without
having to disassociate the rule from the firewall policy. Valid
value is
true
or
false
. Default is
true
.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| enabled (Optional) | body | boolean |
Set to
false
to disable this rule in the
firewall policy. Facilitates selectively turning off rules without
having to disassociate the rule from the firewall policy. Valid
value is
true
or
false
. Default is
true
.
|
| name | body | string | Human-readable name of the resource. |
| protocol | body | string |
The IP protocol can be represented by a string, an integer, or
null
.
Valid string or integer values are
any
or
0
,
ah
or
51
,
dccp
or
33
,
egp
or
8
,
esp
or
50
,
gre
or
47
,
icmp
or
1
,
icmpv6
or
58
,
igmp
or
2
,
ipip
or
4
,
ipv6-encap
or
41
,
ipv6-frag
or
44
,
ipv6-icmp
or
58
,
ipv6-nonxt
or
59
,
ipv6-opts
or
60
,
ipv6-route
or
43
,
ospf
or
89
,
pgm
or
113
,
rsvp
or
46
,
sctp
or
132
,
tcp
or
6
,
udp
or
17
,
udplite
or
136
,
vrrp
or
112
. Additionally, any integer value between [0-255] is
also valid. The string
any
(or integer
0
) means
all
IP
protocols. See the constants in
neutron_lib.constants
for the most
up-to-date list of supported strings.
|
| ip_version (Optional) | body | integer |
The IP protocol version. Valid value is
4
or
6
. Default is
4
.
|
| destination_ip_address (Optional) | body | string | The destination IPv4 or IPv6 address or CIDR. No default. |
| source_port | body | string |
The source port or port range. A valid value is
a port number, as an integer, or a port range, in the format of a
:
separated range. For a port range, include both ends of the
range. For example,
80:90
.
|
| shared (Optional) | body | boolean | Indicates whether this resource is shared across all projects. By default, only administrative users can change this value. |
{
"firewall_rule "
:
{
"action "
:
"allow "
,
"destination_port "
:
"80 "
,
"enabled "
:
true
,
"name "
:
"ALLOW_HTTP "
,
"protocol "
:
"tcp "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| firewall_rule | body | object |
A
firewall_rule
object.
|
| action | body | string |
The action that the API performs on traffic that
matches the firewall rule. Valid value is
allow
,
deny
or
reject
.
Default is
deny
.
|
| description | body | string | A human-readable description for the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| destination_ip_address | body | string | The destination IPv4 or IPv6 address or CIDR. No default. |
| destination_port | body | string |
The destination port or port range. A valid
value is a port number, as an integer, or a port range, in the
format of a
:
separated range. For a port range, include both
ends of the range. For example,
80:90
.
|
| enabled | body | boolean |
Set to
false
to disable this rule in the
firewall policy. Facilitates selectively turning off rules without
having to disassociate the rule from the firewall policy. Valid
value is
true
or
false
. Default is
true
.
|
| firewall_policy_id | body | string | The ID of the policy that is associated with the firewall. |
| id | body | string | The ID of the FWaaS v1 firewall. |
| ip_version | body | integer |
The IP protocol version. Valid value is
4
or
6
. Default is
4
.
|
| name | body | string | Human-readable name of the resource. |
| position | body | integer |
Read-only attribute that the API assigns to this
rule when it associates it with a firewall policy. This value
indicates the position of this rule in that firewall policy. This
position number starts at 1. If the firewall rule is not
associated with any policy, the position is
null
.
|
| protocol | body | string |
The IP protocol. Valid value is
icmp
,
tcp
,
udp
, or
null
. No default.
|
| shared | body | boolean | Indicates whether this resource is shared across all projects. |
| source_ip_address (Optional) | body | string | The source IPv4 or IPv6 address or CIDR. |
| source_port (Optional) | body | string |
The source port or port range. A valid value is
a port number, as an integer, or a port range, in the format of a
:
separated range. For a port range, include both ends of the
range. For example,
80:90
.
|
{
"firewall_rule "
:
{
"action "
:
"allow "
,
"description "
:
""
,
"destination_ip_address "
:
null
,
"destination_port "
:
"80 "
,
"enabled "
:
true
,
"firewall_policy_id "
:
null
,
"id "
:
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
,
"ip_version "
:
4
,
"name "
:
"ALLOW_HTTP "
,
"position "
:
null
,
"protocol "
:
"tcp "
,
"shared "
:
false
,
"source_ip_address "
:
null
,
"source_port "
:
null
,
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
}
Shows details for a firewall rule.
If the user is not an administrative user and the firewall rule
object does not belong to the project, this call returns the
Forbidden
(403)
response code.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| firewall_rule_id | path | string | The ID for the firewall rule. |
| Name | In | Type | Description |
|---|---|---|---|
| firewall_rule | body | object |
A
firewall_rule
object.
|
| action | body | string |
The action that the API performs on traffic that
matches the firewall rule. Valid value is
allow
,
deny
or
reject
.
Default is
deny
.
|
| description | body | string | A human-readable description for the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| destination_ip_address | body | string | The destination IPv4 or IPv6 address or CIDR. No default. |
| destination_port | body | string |
The destination port or port range. A valid
value is a port number, as an integer, or a port range, in the
format of a
:
separated range. For a port range, include both
ends of the range. For example,
80:90
.
|
| enabled | body | boolean |
Set to
false
to disable this rule in the
firewall policy. Facilitates selectively turning off rules without
having to disassociate the rule from the firewall policy. Valid
value is
true
or
false
. Default is
true
.
|
| firewall_policy_id (Optional) | body | string |
Read-only attribute that the API populates with
the ID of the firewall policy when you associate this firewall
rule with a policy. You can associate a firewall rule with one
policy at a time. You can update this association can to a
different firewall policy. If you do not associate the rule with
any policy, this attribute is
null
.
|
| id | body | string | The ID of the firewall rule. |
| ip_version | body | integer |
The IP protocol version. Valid value is
4
or
6
. Default is
4
.
|
| name | body | string | Human-readable name of the resource. |
| position | body | integer |
Read-only attribute that the API assigns to this
rule when it associates it with a firewall policy. This value
indicates the position of this rule in that firewall policy. This
position number starts at 1. If the firewall rule is not
associated with any policy, the position is
null
.
|
| protocol | body | string |
The IP protocol. Valid value is
icmp
,
tcp
,
udp
, or
null
. No default.
|
| shared | body | boolean | Indicates whether this resource is shared across all projects. |
| source_ip_address (Optional) | body | string | The source IPv4 or IPv6 address or CIDR. |
| source_port (Optional) | body | string |
The source port or port range. A valid value is
a port number, as an integer, or a port range, in the format of a
:
separated range. For a port range, include both ends of the
range. For example,
80:90
.
|
{
"firewall_rule "
:
{
"action "
:
"allow "
,
"description "
:
""
,
"destination_ip_address "
:
null
,
"destination_port "
:
"80 "
,
"enabled "
:
true
,
"firewall_policy_id "
:
null
,
"id "
:
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
,
"ip_version "
:
4
,
"name "
:
"ALLOW_HTTP "
,
"position "
:
null
,
"protocol "
:
"tcp "
,
"shared "
:
false
,
"source_ip_address "
:
null
,
"source_port "
:
null
,
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
}
Updates a firewall rule.
Normal response codes: 200
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| firewall_rule_id | path | string | The ID for the firewall rule. |
| firewall_rule | body | object |
A
firewall_rule
object.
|
| shared (Optional) | body | boolean | Indicates whether this resource is shared across all projects. By default, only administrative users can change this value. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| enabled (Optional) | body | boolean |
Set to
false
to disable this rule in the
firewall policy. Facilitates selectively turning off rules without
having to disassociate the rule from the firewall policy. Valid
value is
true
or
false
. Default is
true
.
|
| ip_version (Optional) | body | integer |
The IP protocol version. Valid value is
4
or
6
. Default is
4
.
|
| destination_ip_address (Optional) | body | string | The destination IPv4 or IPv6 address or CIDR. No default. |
| source_port | body | string |
The source port or port range. A valid value is
a port number, as an integer, or a port range, in the format of a
:
separated range. For a port range, include both ends of the
range. For example,
80:90
.
|
| action (Optional) | body | string |
The action that the API performs on traffic that
matches the firewall rule. Valid value is
allow
or
deny
.
Default is
deny
.
|
| protocol | body | string |
The IP protocol can be represented by a string, an integer, or
null
.
Valid string or integer values are
any
or
0
,
ah
or
51
,
dccp
or
33
,
egp
or
8
,
esp
or
50
,
gre
or
47
,
icmp
or
1
,
icmpv6
or
58
,
igmp
or
2
,
ipip
or
4
,
ipv6-encap
or
41
,
ipv6-frag
or
44
,
ipv6-icmp
or
58
,
ipv6-nonxt
or
59
,
ipv6-opts
or
60
,
ipv6-route
or
43
,
ospf
or
89
,
pgm
or
113
,
rsvp
or
46
,
sctp
or
132
,
tcp
or
6
,
udp
or
17
,
udplite
or
136
,
vrrp
or
112
. Additionally, any integer value between [0-255] is
also valid. The string
any
(or integer
0
) means
all
IP
protocols. See the constants in
neutron_lib.constants
for the most
up-to-date list of supported strings.
|
| destination_port (Optional) | body | string |
The destination port or port range. A valid
value is a port number, as an integer, or a port range, in the
format of a
:
separated range. For a port range, include both
ends of the range. For example,
80:90
.
|
| name | body | string | Human-readable name of the resource. |
{
"firewall_rule "
:
{
"shared "
:
"true "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| firewall_rule | body | object |
A
firewall_rule
object.
|
| action | body | string |
The action that the API performs on traffic that
matches the firewall rule. Valid value is
allow
,
deny
or
reject
.
Default is
deny
.
|
| description | body | string | A human-readable description for the resource. |
| source_ip_address (Optional) | body | string | The source IPv4 or IPv6 address or CIDR. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| enabled (Optional) | body | boolean |
Set to
false
to disable this rule in the
firewall policy. Facilitates selectively turning off rules without
having to disassociate the rule from the firewall policy. Valid
value is
true
or
false
. Default is
true
.
|
| protocol | body | string |
The IP protocol can be represented by a string, an integer, or
null
.
Valid string or integer values are
any
or
0
,
ah
or
51
,
dccp
or
33
,
egp
or
8
,
esp
or
50
,
gre
or
47
,
icmp
or
1
,
icmpv6
or
58
,
igmp
or
2
,
ipip
or
4
,
ipv6-encap
or
41
,
ipv6-frag
or
44
,
ipv6-icmp
or
58
,
ipv6-nonxt
or
59
,
ipv6-opts
or
60
,
ipv6-route
or
43
,
ospf
or
89
,
pgm
or
113
,
rsvp
or
46
,
sctp
or
132
,
tcp
or
6
,
udp
or
17
,
udplite
or
136
,
vrrp
or
112
. Additionally, any integer value between [0-255] is
also valid. The string
any
(or integer
0
) means
all
IP
protocols. See the constants in
neutron_lib.constants
for the most
up-to-date list of supported strings.
|
| source_port | body | string |
The source port or port range. A valid value is
a port number, as an integer, or a port range, in the format of a
:
separated range. For a port range, include both ends of the
range. For example,
80:90
.
|
| ip_version (Optional) | body | integer |
The IP protocol version. Valid value is
4
or
6
. Default is
4
.
|
| destination_ip_address | body | string | The destination IPv4 or IPv6 address or CIDR. No default. |
| destination_port | body | string |
The destination port or port range. A valid
value is a port number, as an integer, or a port range, in the
format of a
:
separated range. For a port range, include both
ends of the range. For example,
80:90
.
|
| enabled | body | boolean |
Set to
false
to disable this rule in the
firewall policy. Facilitates selectively turning off rules without
having to disassociate the rule from the firewall policy. Valid
value is
true
or
false
. Default is
true
.
|
| firewall_policy_id (Optional) | body | string |
Read-only attribute that the API populates with
the ID of the firewall policy when you associate this firewall
rule with a policy. You can associate a firewall rule with one
policy at a time. You can update this association can to a
different firewall policy. If you do not associate the rule with
any policy, this attribute is
null
.
|
| id | body | string | The ID of the firewall rule. |
| ip_version | body | integer |
The IP protocol version. Valid value is
4
or
6
. Default is
4
.
|
| name | body | string | Human-readable name of the resource. |
| position | body | integer |
Read-only attribute that the API assigns to this
rule when it associates it with a firewall policy. This value
indicates the position of this rule in that firewall policy. This
position number starts at 1. If the firewall rule is not
associated with any policy, the position is
null
.
|
| protocol | body | string |
The IP protocol. Valid value is
icmp
,
tcp
,
udp
, or
null
. No default.
|
| shared | body | boolean | Indicates whether this resource is shared across all projects. |
| source_ip_address (Optional) | body | string | The source IPv4 or IPv6 address or CIDR. |
| source_port (Optional) | body | string |
The source port or port range. A valid value is
a port number, as an integer, or a port range, in the format of a
:
separated range. For a port range, include both ends of the
range. For example,
80:90
.
|
{
"firewall_rule "
:
{
"action "
:
"allow "
,
"description "
:
""
,
"destination_ip_address "
:
null
,
"destination_port "
:
"80 "
,
"enabled "
:
true
,
"firewall_policy_id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"id "
:
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
,
"ip_version "
:
4
,
"name "
:
"ALLOW_HTTP "
,
"position "
:
1
,
"protocol "
:
"tcp "
,
"shared "
:
true
,
"source_ip_address "
:
null
,
"source_port "
:
null
,
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
}
Deletes a firewall rule.
Normal response codes: 204
Error response codes: 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| firewall_rule_id | path | string | The ID for the firewall rule. |
There is no body content for the response of a successful DELETE request.
Lists all firewalls.
The list might be empty.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| firewalls | body | array |
A list of
firewall_rule
objects.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| description | body | string | A human-readable description for the resource. |
| firewall_policy_id | body | string | The ID of the policy that is associated with the firewall. |
| id | body | string | The ID of the FWaaS v1 firewall. |
| name | body | string | Human-readable name of the resource. |
| status | body | string |
The status of the firewall service. Values are
ACTIVE
,
INACTIVE
,
ERROR
,
DOWN
,
PENDING_CREATE
,
PENDING_UPDATE
, or
PENDING_DELETE
.
|
{
"firewalls "
:
[
{
"admin_state_up "
:
true
,
"description "
:
""
,
"firewall_policy_id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"id "
:
"3b0ef8f4-82c7-44d4-a4fb-6177f9a21977 "
,
"name "
:
""
,
"status "
:
"ACTIVE "
,
"router_ids "
:
[
"650bfd2f-7766-4a0d-839f-218f33e16998 "
],
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
]
}
Creates a firewall.
The firewall must be associated with a firewall policy.
If
admin_state_up
is
false
, the firewall would block all
traffic.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| firewall | body | object |
A
firewall
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| firewall_policy_id | body | string | The ID of the policy that is associated with the firewall. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| name | body | string | Human-readable name of the resource. |
| router_ids (Optional) | body | array | A list of IDs for routers that are associated with the firewall. |
{
"firewall "
:
{
"admin_state_up "
:
true
,
"firewall_policy_id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| firewall | body | object |
A
firewall
object.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| description | body | string | A human-readable description for the resource. |
| firewall_policy_id | body | string | The ID of the policy that is associated with the firewall. |
| id | body | string | The ID of the FWaaS v1 firewall. |
| name | body | string | Human-readable name of the resource. |
| status | body | string |
The status of the firewall service. Values are
ACTIVE
,
INACTIVE
,
ERROR
,
DOWN
,
PENDING_CREATE
,
PENDING_UPDATE
, or
PENDING_DELETE
.
|
| router_ids | body | array | A list of IDs for routers that are associated with the firewall. |
{
"firewall "
:
{
"admin_state_up "
:
true
,
"description "
:
""
,
"firewall_policy_id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"id "
:
"3b0ef8f4-82c7-44d4-a4fb-6177f9a21977 "
,
"name "
:
""
,
"status "
:
"PENDING_CREATE "
,
"router_ids "
:
[
"650bfd2f-7766-4a0d-839f-218f33e16998 "
],
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
}
Shows details for a firewall.
If the user is not an administrative user and the firewall object
does not belong to the project, this call returns the
Forbidden
(403)
response code.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| firewall_id | path | string | The ID of the firewall. |
| Name | In | Type | Description |
|---|---|---|---|
| firewall | body | object |
A
firewall
object.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| description | body | string | A human-readable description for the resource. |
| status | body | string |
The status of the firewall service. Values are
ACTIVE
,
INACTIVE
,
ERROR
,
DOWN
,
PENDING_CREATE
,
PENDING_UPDATE
, or
PENDING_DELETE
.
|
| firewall_policy_id (Optional) | body | string |
Read-only attribute that the API populates with
the ID of the firewall policy when you associate this firewall
rule with a policy. You can associate a firewall rule with one
policy at a time. You can update this association can to a
different firewall policy. If you do not associate the rule with
any policy, this attribute is
null
.
|
| id | body | string | The ID of the firewall rule. |
| name | body | string | Human-readable name of the resource. |
| router_ids | body | array | A list of IDs for routers that are associated with the firewall. |
{
"firewall "
:
{
"admin_state_up "
:
true
,
"description "
:
""
,
"firewall_policy_id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"id "
:
"3b0ef8f4-82c7-44d4-a4fb-6177f9a21977 "
,
"name "
:
""
,
"status "
:
"ACTIVE "
,
"router_ids "
:
[
"650bfd2f-7766-4a0d-839f-218f33e16998 "
],
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
}
Updates a firewall.
To update a service, the service status cannot be a
PENDING_*
status.
Normal response codes: 200
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| firewall_id | path | string | The ID of the firewall. |
| firewall | body | object |
A
firewall
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| firewall_policy_id | body | string | The ID of the policy that is associated with the firewall. |
| name | body | string | Human-readable name of the resource. |
| router_ids (Optional) | body | array | A list of IDs for routers that are associated with the firewall. |
{
"firewall "
:
{
"admin_state_up "
:
"false "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| firewall | body | object |
A
firewall
object.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| description | body | string | A human-readable description for the resource. |
| status | body | string |
The status of the firewall service. Values are
ACTIVE
,
INACTIVE
,
ERROR
,
DOWN
,
PENDING_CREATE
,
PENDING_UPDATE
, or
PENDING_DELETE
.
|
| firewall_policy_id | body | string | The ID of the policy that is associated with the firewall. |
| id | body | string | The ID of the FWaaS v1 firewall. |
| name | body | string | Human-readable name of the resource. |
| router_ids | body | array | A list of IDs for routers that are associated with the firewall. |
{
"firewall "
:
{
"admin_state_up "
:
false
,
"description "
:
""
,
"firewall_policy_id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"id "
:
"3b0ef8f4-82c7-44d4-a4fb-6177f9a21977 "
,
"name "
:
""
,
"status "
:
"PENDING_UPDATE "
,
"router_ids "
:
[
"650bfd2f-7766-4a0d-839f-218f33e16998 "
],
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
}
Use the Firewall-as-a-Service (FWaaS) v2.0 extension to deploy firewall groups to protect your networks.
The FWaaS extension enables you to:
This extension introduces the following resources:
firewall_group
. A logical firewall resource that a project can
create and manage. A firewall group can have a firewall policy for
ingress traffic and/or a firewall policy for egress traffic.
firewall_policy
. An ordered collection of firewall rules. You
can share a firewall policy across projects. You can include a
firewall policy as part of an audit workflow so that an
authorized relevant entity can audit the firewall policy. This
entity can differ from the user who created, or the projects
that use, the firewall policy.
firewall_rule
. A collection of attributes, such as source and
destination ports, source and destination IP addresses, protocol,
and IP version. These attributes define match criteria and an
action to take, such as allow, reject, or deny, on matched data
traffic.
Lists all firewall groups.
The list might be empty.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| firewall_groups | body | array |
A list of
firewall_group
objects.
|
| admin_state_up | body | boolean |
The administrative state of the firewall group, which
is up (
true
) or down (
false
). Default is
true
.
|
| description | body | object | A human-readable description of the firewall group. |
| egress_firewall_policy_id | body | string | The ID of the egress firewall policy for the firewall group. |
| id | body | string | The ID of the firewall group. |
| ingress_firewall_policy_id | body | string | The ID of the ingress firewall policy for the firewall group. |
| name | body | string | A human-readable name for the firewall group. |
| ports | body | array | A list of the IDs of the ports associated with the firewall group. |
| project_id | body | string | The ID of the project that owns the resource. |
| shared | body | boolean | Indicates whether this firewall group is shared across all projects. |
| status | body | string |
The status of the firewall group. Valid values are
ACTIVE
,
INACTIVE
,
ERROR
,
PENDING_UPDATE
, or
PENDING_DELETE
.
|
| tenant_id | body | string | The ID of the project that owns the resource. |
{
"firewall_groups "
:
[
{
"admin_state_up "
:
true
,
"description "
:
""
,
"egress_firewall_policy_id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"id "
:
"3b0ef8f4-82c7-44d4-a4fb-6177f9a21977 "
,
"ingress_firewall_policy_id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"name "
:
""
,
"ports "
:
[
"650bfd2f-7766-4a0d-839f-218f33e16998 "
],
"shared "
:
true
,
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"status "
:
"ACTIVE "
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
]
}
Shows details for a firewall group.
If the user is not an administrative user and the firewall group
object does not belong to the project, this call returns the
FirewallGroupNotFound
(404)
response code.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| firewall_group_id | path | string | The ID of the firewall group. |
| Name | In | Type | Description |
|---|---|---|---|
| firewall_group | body | object |
A
firewall_group
object.
|
| admin_state_up | body | boolean |
The administrative state of the firewall group, which
is up (
true
) or down (
false
). Default is
true
.
|
| description | body | object | A human-readable description of the firewall group. |
| egress_firewall_policy_id | body | string | The ID of the egress firewall policy for the firewall group. |
| id | body | string | The ID of the firewall group. |
| ingress_firewall_policy_id | body | string | The ID of the ingress firewall policy for the firewall group. |
| name | body | string | A human-readable name for the firewall group. |
| ports | body | array | A list of the IDs of the ports associated with the firewall group. |
| project_id | body | string | The ID of the project that owns the resource. |
| shared | body | boolean | Indicates whether this firewall group is shared across all projects. |
| status | body | string |
The status of the firewall group. Valid values are
ACTIVE
,
INACTIVE
,
ERROR
,
PENDING_UPDATE
, or
PENDING_DELETE
.
|
| tenant_id | body | string | The ID of the project that owns the resource. |
{
"firewall_group "
:
{
"admin_state_up "
:
true
,
"description "
:
""
,
"egress_firewall_policy_id "
:
null
,
"id "
:
"07411bda-0147-418b-af05-c8665630d937 "
,
"ingress_firewall_policy_id "
:
null
,
"name "
:
""
,
"project_id "
:
"96108b04417b416e9b9bc788c11c42c9 "
,
"shared "
:
false
,
"status "
:
"INACTIVE "
,
"tenant_id "
:
"96108b04417b416e9b9bc788c11c42c9 "
}
}
Creates a firewall group.
The firewall group may be associated with an ingress firewall policy and/or an egress firewall policy.
If
admin_state_up
is
false
, the firewall group will block all
traffic.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| firewall_group | body | object |
A
firewall_group
object.
|
| admin_state_up (Optional) | body | boolean |
The administrative state of the firewall group, which
is up (
true
) or down (
false
). Default is
true
.
|
| description (Optional) | body | object | A human-readable description of the firewall group. |
| egress_firewall_policy_id (Optional) | body | string | The ID of the egress firewall policy for the firewall group. |
| ingress_firewall_policy_id (Optional) | body | string | The ID of the ingress firewall policy for the firewall group. |
| name (Optional) | body | string | A human-readable name for the firewall group. |
| ports (Optional) | body | array | A list of the IDs of the ports associated with the firewall group. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. |
| shared (Optional) | body | boolean | Indicates whether this firewall group is shared across all projects. |
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. |
{
"firewall_group "
:
{
"admin_state_up "
:
false
,
"egress_firewall_policy_id "
:
"14c9d3c1-b472-44f9-8226-30dc4ffd454c "
,
"ingress_firewall_policy_id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| firewall_group | body | object |
A
firewall_group
object.
|
| admin_state_up | body | boolean |
The administrative state of the firewall group, which
is up (
true
) or down (
false
). Default is
true
.
|
| description | body | object | A human-readable description of the firewall group. |
| egress_firewall_policy_id | body | string | The ID of the egress firewall policy for the firewall group. |
| id | body | string | The ID of the firewall group. |
| ingress_firewall_policy_id | body | string | The ID of the ingress firewall policy for the firewall group. |
| name | body | string | A human-readable name for the firewall group. |
| ports | body | array | A list of the IDs of the ports associated with the firewall group. |
| project_id | body | string | The ID of the project that owns the resource. |
| shared | body | boolean | Indicates whether this firewall group is shared across all projects. |
| status | body | string |
The status of the firewall group. Valid values are
ACTIVE
,
INACTIVE
,
ERROR
,
PENDING_UPDATE
, or
PENDING_DELETE
.
|
| tenant_id | body | string | The ID of the project that owns the resource. |
{
"firewall_group "
:
{
"admin_state_up "
:
true
,
"description "
:
""
,
"egress_firewall_policy_id "
:
"1244ed87-b472-44f9-8226-30dc4ffd454c "
,
"ingress_firewall_policy_id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"id "
:
"3b0ef8f4-82c7-44d4-a4fb-6177f9a21977 "
,
"name "
:
""
,
"ports "
:
[
"650bfd2f-7766-4a0d-839f-218f33e16998 "
],
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"shared "
:
true
,
"status "
:
"PENDING_CREATE "
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
}
Updates a firewall group.
The firewall group cannot be updated if its status is a PENDING_* status.
Normal response codes: 200
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| firewall_group_id | path | string | The ID of the firewall group. |
| firewall_group | body | object |
A
firewall_group
object.
|
| admin_state_up (Optional) | body | boolean |
The administrative state of the firewall group, which
is up (
true
) or down (
false
). Default is
true
.
|
| description (Optional) | body | object | A human-readable description of the firewall group. |
| egress_firewall_policy_id (Optional) | body | string | The ID of the egress firewall policy for the firewall group. |
| ingress_firewall_policy_id (Optional) | body | string | The ID of the ingress firewall policy for the firewall group. |
| name (Optional) | body | string | A human-readable name for the firewall group. |
| ports (Optional) | body | array | A list of the IDs of the ports associated with the firewall group. |
| shared (Optional) | body | boolean | Indicates whether this firewall group is shared across all projects. |
{
"firewall_group "
:
{
"admin_state_up "
:
"false "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| firewall_group | body | object |
A
firewall_group
object.
|
| admin_state_up | body | boolean |
The administrative state of the firewall group, which
is up (
true
) or down (
false
). Default is
true
.
|
| description | body | object | A human-readable description of the firewall group. |
| egress_firewall_policy_id | body | string | The ID of the egress firewall policy for the firewall group. |
| id | body | string | The ID of the firewall group. |
| ingress_firewall_policy_id | body | string | The ID of the ingress firewall policy for the firewall group. |
| name | body | string | A human-readable name for the firewall group. |
| ports | body | array | A list of the IDs of the ports associated with the firewall group. |
| project_id | body | string | The ID of the project that owns the resource. |
| shared | body | boolean | Indicates whether this firewall group is shared across all projects. |
| status | body | string |
The status of the firewall group. Valid values are
ACTIVE
,
INACTIVE
,
ERROR
,
PENDING_UPDATE
, or
PENDING_DELETE
.
|
| tenant_id | body | string | The ID of the project that owns the resource. |
{
"firewall_group "
:
{
"admin_state_up "
:
false
,
"description "
:
""
,
"egress_firewall_policy_id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"ingress_firewall_policy_id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"id "
:
"3b0ef8f4-82c7-44d4-a4fb-6177f9a21977 "
,
"name "
:
""
,
"ports "
:
[
"650bfd2f-7766-4a0d-839f-218f33e16998 "
],
"shared "
:
true
,
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"status "
:
"PENDING_UPDATE "
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
}
Deletes a firewall group.
Normal response codes: 204
Error response codes: 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| firewall_group_id | path | string | The ID of the firewall group. |
There is no body content for the response of a successful DELETE request.
Lists all firewall policies.
The list might be empty.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| firewall_policies | body | array |
A list of
firewall_policy
objects.
|
| audited | body | boolean |
Each time that the firewall policy or its associated rules are
changed, the API sets this attribute to
false
. To audit the
policy, explicitly set this attribute to
true
.
|
| description | body | string | A human-readable name of the firewall policy. |
| id | body | string | The ID of the firewall policy. |
| firewall_rules | body | array | A list of the IDs of the firewall rules associated with the firewall policy. |
| name | body | string | A human-readable name of the firewall policy. |
| project_id | body | string | The ID of the project that owns the resource. |
| shared | body | boolean |
Set to
true
to make this firewall policy
visible to other projects. Default is
false
.
|
| tenant_id | body | string | The ID of the project that owns the resource. |
{
"firewall_policies "
:
[
{
"audited "
:
false
,
"description "
:
""
,
"firewall_rules "
:
[
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
],
"id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"name "
:
"test-policy "
,
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"shared "
:
false
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
]
}
Shows details of a firewall policy.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| firewall_policy_id | path | string | The ID of the firewall policy. |
| Name | In | Type | Description |
|---|---|---|---|
| audited | body | boolean |
Each time that the firewall policy or its associated rules are
changed, the API sets this attribute to
false
. To audit the
policy, explicitly set this attribute to
true
.
|
| description | body | string | A human-readable name of the firewall policy. |
| firewall_rules | body | array | A list of the IDs of the firewall rules associated with the firewall policy. |
| id | body | string | The ID of the firewall policy. |
| name | body | string | A human-readable name of the firewall policy. |
| project_id | body | string | The ID of the project that owns the resource. |
| shared | body | boolean |
Set to
true
to make this firewall policy
visible to other projects. Default is
false
.
|
| tenant_id | body | string | The ID of the project that owns the resource. |
{
"firewall_policy "
:
{
"audited "
:
false
,
"description "
:
""
,
"firewall_rules "
:
[
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
],
"id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"name "
:
"test-policy "
,
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"shared "
:
false
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
}
Creates a firewall policy.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| firewall_policy | body | object |
A
firewall_policy
object.
|
| audited (Optional) | body | boolean |
Each time that the firewall policy or its associated rules are
changed, the API sets this attribute to
false
. To audit the
policy, explicitly set this attribute to
true
.
|
| description (Optional) | body | string | A human-readable name of the firewall policy. |
| firewall_rules (Optional) | body | array | A list of the IDs of the firewall rules associated with the firewall policy. |
| name (Optional) | body | string | A human-readable name of the firewall policy. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. |
| shared (Optional) | body | boolean |
Set to
true
to make this firewall policy
visible to other projects. Default is
false
.
|
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. |
{
"firewall_policy "
:
{
"name "
:
"test-policy "
,
"firewall_rules "
:
[
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
]
}
}
| Name | In | Type | Description |
|---|---|---|---|
| firewall_policy | body | object |
A
firewall_policy
object.
|
| audited | body | boolean |
Each time that the firewall policy or its associated rules are
changed, the API sets this attribute to
false
. To audit the
policy, explicitly set this attribute to
true
.
|
| description | body | string | A human-readable name of the firewall policy. |
| firewall_rules | body | array | A list of the IDs of the firewall rules associated with the firewall policy. |
| id | body | string | The ID of the firewall policy. |
| name | body | string | A human-readable name of the firewall policy. |
| project_id | body | string | The ID of the project that owns the resource. |
| shared | body | boolean |
Set to
true
to make this firewall policy
visible to other projects. Default is
false
.
|
| tenant_id | body | string | The ID of the project that owns the resource. |
{
"firewall_policy "
:
{
"audited "
:
false
,
"description "
:
""
,
"firewall_rules "
:
[
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
],
"id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"name "
:
"test-policy "
,
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"shared "
:
false
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
}
Updates a firewall policy.
Normal response codes: 200
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| firewall_policy_id | path | string | The ID of the firewall policy. |
| firewall_policy | body | object |
A
firewall_policy
object.
|
| audited (Optional) | body | boolean |
Each time that the firewall policy or its associated rules are
changed, the API sets this attribute to
false
. To audit the
policy, explicitly set this attribute to
true
.
|
| description (Optional) | body | string | A human-readable name of the firewall policy. |
| firewall_rules (Optional) | body | array | A list of the IDs of the firewall rules associated with the firewall policy. |
| name (Optional) | body | string | A human-readable name of the firewall policy. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. |
| shared (Optional) | body | boolean |
Set to
true
to make this firewall policy
visible to other projects. Default is
false
.
|
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. |
{
"firewall_policy "
:
{
"firewall_rules "
:
[
"a08ef905-0ff6-4784-8374-175fffe7dade "
,
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
]
}
}
| Name | In | Type | Description |
|---|---|---|---|
| firewall_policy | body | object |
A
firewall_policy
object.
|
| audited | body | boolean |
Each time that the firewall policy or its associated rules are
changed, the API sets this attribute to
false
. To audit the
policy, explicitly set this attribute to
true
.
|
| description | body | string | A human-readable name of the firewall policy. |
| firewall_rules | body | array | A list of the IDs of the firewall rules associated with the firewall policy. |
| id | body | string | The ID of the firewall policy. |
| name | body | string | A human-readable name of the firewall policy. |
| shared | body | boolean |
Set to
true
to make this firewall policy
visible to other projects. Default is
false
.
|
| project_id | body | string | The ID of the project that owns the resource. |
| tenant_id | body | string | The ID of the project that owns the resource. |
{
"firewall_policy "
:
{
"audited "
:
false
,
"description "
:
""
,
"firewall_rules "
:
[
"a08ef905-0ff6-4784-8374-175fffe7dade "
,
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
],
"id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"name "
:
"test-policy "
,
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"shared "
:
false
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
}
Deletes a firewall policy.
Normal response codes: 204
Error response codes: 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| firewall_policy_id | path | string | The ID of the firewall policy. |
There is no body content for the response of a successful DELETE request.
Lists all firewall rules.
The list might be empty.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| firewall_rules | body | object |
A list of
firewall_rule
objects.
|
| action | body | string |
The action that the API performs on traffic that
matches the firewall rule. Valid values are
allow
or
deny
.
Default is
deny
.
|
| description | body | string | A human-readable description of the firewall rule. |
| destination_firewall_group_id | body | string | The ID of the remote destination firewall group. |
| destination_ip_address | body | string | The destination IPv4 or IPv6 address or CIDR for the firewall rule. No default. |
| destination_port | body | string |
The destination port or port range for the firewall rule. A valid
value is a port number, as an integer, or a port range, in the
format of a
:
separated range. For a port range, include both
ends of the range. For example,
80:90
.
|
| enabled | body | boolean |
Set to
false
to disable this rule in the firewall policy.
Facilitates selectively turning off rules without having to
disassociate the rule from the firewall policy. Valid values are
true
or
false
. Default is
true
.
|
| firewall_policy_id | body | string | The ID of the firewall policy. |
| id | body | string | The ID of the firewall rule. |
| ip_version | body | integer |
The IP protocol version for the firewall rule. Valid values
are
4
or
6
. Default is
4
.
|
| name | body | string | A human-readable name of the firewall rule. |
| project_id | body | string | The ID of the project that owns the resource. |
| protocol | body | string |
The IP protocol for the firewall rule. Possible values are
icmp
,
tcp
,
udp
, or
null
.
|
| shared | body | boolean | Indicates whether this firewall rule is shared across all projects. |
| source_firewall_group_id | body | string | The ID of the remote source firewall group. |
| source_ip_address | body | string | The source IPv4 or IPv6 address or CIDR for the firewall rule. No default. |
| source_port | body | string |
The source port or port range for the firewall rule. A valid
value is a port number, as an integer, or a port range, in the
format of a
:
separated range. For a port range, include both
ends of the range. For example,
80:90
.
|
| tenant_id | body | string | The ID of the project that owns the resource. |
{
"firewall_rules "
:
[
{
"action "
:
"allow "
,
"description "
:
""
,
"destination_firewall_group_id "
:
null
,
"destination_ip_address "
:
null
,
"destination_port "
:
"80 "
,
"enabled "
:
true
,
"firewall_policy_id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"id "
:
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
,
"ip_version "
:
4
,
"name "
:
"ALLOW_HTTP "
,
"position "
:
1
,
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"protocol "
:
"tcp "
,
"shared "
:
false
,
"source_firewall_group_id "
:
null
,
"source_ip_address "
:
null
,
"source_port "
:
null
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
]
}
Shows details for a firewall rule.
If the user is not an administrative user and the firewall rule
object does not belong to the project, this call returns the
Forbidden
(403)
response code.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| firewall_rule_id | path | string | The ID for the firewall rule. |
| Name | In | Type | Description |
|---|---|---|---|
| firewall_rule | body | object |
A
firewall_rule
object.
|
| action | body | string |
The action that the API performs on traffic that
matches the firewall rule. Valid values are
allow
or
deny
.
Default is
deny
.
|
| description | body | string | A human-readable description of the firewall rule. |
| destination_firewall_group_id | body | string | The ID of the remote destination firewall group. |
| destination_ip_address | body | string | The destination IPv4 or IPv6 address or CIDR for the firewall rule. No default. |
| destination_port | body | string |
The destination port or port range for the firewall rule. A valid
value is a port number, as an integer, or a port range, in the
format of a
:
separated range. For a port range, include both
ends of the range. For example,
80:90
.
|
| enabled | body | boolean |
Set to
false
to disable this rule in the firewall policy.
Facilitates selectively turning off rules without having to
disassociate the rule from the firewall policy. Valid values are
true
or
false
. Default is
true
.
|
| firewall_policy_id | body | string | The ID of the firewall policy. |
| id | body | string | The ID of the firewall rule. |
| ip_version | body | integer |
The IP protocol version for the firewall rule. Valid values
are
4
or
6
. Default is
4
.
|
| name | body | string | A human-readable name of the firewall rule. |
| project_id | body | string | The ID of the project that owns the resource. |
| protocol | body | string |
The IP protocol for the firewall rule. Possible values are
icmp
,
tcp
,
udp
, or
null
.
|
| shared | body | boolean | Indicates whether this firewall rule is shared across all projects. |
| source_firewall_group_id | body | string | The ID of the remote source firewall group. |
| source_ip_address | body | string | The source IPv4 or IPv6 address or CIDR for the firewall rule. No default. |
| source_port | body | string |
The source port or port range for the firewall rule. A valid
value is a port number, as an integer, or a port range, in the
format of a
:
separated range. For a port range, include both
ends of the range. For example,
80:90
.
|
| tenant_id | body | string | The ID of the project that owns the resource. |
{
"firewall_rule "
:
{
"action "
:
"allow "
,
"description "
:
""
,
"destination_firewall_group_id "
:
null
,
"destination_ip_address "
:
null
,
"destination_port "
:
"80 "
,
"enabled "
:
true
,
"firewall_policy_id "
:
null
,
"id "
:
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
,
"ip_version "
:
4
,
"name "
:
"ALLOW_HTTP "
,
"position "
:
null
,
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"protocol "
:
"tcp "
,
"shared "
:
false
,
"source_firewall_group_id "
:
null
,
"source_ip_address "
:
null
,
"source_port "
:
null
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
}
Creates a firewall rule.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| firewall_rule | body | object |
A
firewall_rule
object.
|
| action (Optional) | body | string |
The action that the API performs on traffic that
matches the firewall rule. Valid values are
allow
or
deny
.
Default is
deny
.
|
| description (Optional) | body | string | A human-readable description of the firewall rule. |
| destination_firewall_group_id (Optional) | body | string | The ID of the remote destination firewall group. |
| destination_ip_address (Optional) | body | string | The destination IPv4 or IPv6 address or CIDR for the firewall rule. No default. |
| destination_port (Optional) | body | string |
The destination port or port range for the firewall rule. A valid
value is a port number, as an integer, or a port range, in the
format of a
:
separated range. For a port range, include both
ends of the range. For example,
80:90
.
|
| enabled (Optional) | body | boolean |
Set to
false
to disable this rule in the firewall policy.
Facilitates selectively turning off rules without having to
disassociate the rule from the firewall policy. Valid values are
true
or
false
. Default is
true
.
|
| ip_version (Optional) | body | integer |
The IP protocol version for the firewall rule. Valid values are
4
or
6
. Default is
4
.
|
| name (Optional) | body | string | A human-readable name of the firewall rule. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. |
| protocol (Optional) | body | string |
The IP protocol for the firewall rule. Possible values are
icmp
,
tcp
,
udp
, or
null
.
|
| shared (Optional) | body | boolean | Indicates whether this firewall rule is shared across all projects. |
| source_firewall_group_id (Optional) | body | string | The ID of the remote source firewall group. |
| source_ip_address (Optional) | body | string | The source IPv4 or IPv6 address or CIDR for the firewall rule. No default. |
| source_port (Optional) | body | string |
The source port or port range for the firewall rule. A valid
value is a port number, as an integer, or a port range, in the
format of a
:
separated range. For a port range, include both
ends of the range. For example,
80:90
.
|
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. |
{
"firewall_rule "
:
{
"action "
:
"allow "
,
"destination_port "
:
"80 "
,
"enabled "
:
true
,
"name "
:
"ALLOW_HTTP "
,
"protocol "
:
"tcp "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| firewall_rule | body | object |
A
firewall_rule
object.
|
| action | body | string |
The action that the API performs on traffic that
matches the firewall rule. Valid values are
allow
or
deny
.
Default is
deny
.
|
| description | body | string | A human-readable description of the firewall rule. |
| destination_firewall_group_id | body | string | The ID of the remote destination firewall group. |
| destination_ip_address | body | string | The destination IPv4 or IPv6 address or CIDR for the firewall rule. No default. |
| destination_port | body | string |
The destination port or port range for the firewall rule. A valid
value is a port number, as an integer, or a port range, in the
format of a
:
separated range. For a port range, include both
ends of the range. For example,
80:90
.
|
| enabled | body | boolean |
Set to
false
to disable this rule in the firewall policy.
Facilitates selectively turning off rules without having to
disassociate the rule from the firewall policy. Valid values are
true
or
false
. Default is
true
.
|
| firewall_policy_id | body | string | The ID of the firewall policy. |
| id | body | string | The ID of the firewall rule. |
| ip_version | body | integer |
The IP protocol version for the firewall rule. Valid values
are
4
or
6
. Default is
4
.
|
| name | body | string | A human-readable name of the firewall rule. |
| project_id | body | string | The ID of the project that owns the resource. |
| protocol | body | string |
The IP protocol for the firewall rule. Possible values are
icmp
,
tcp
,
udp
, or
null
.
|
| shared | body | boolean | Indicates whether this firewall rule is shared across all projects. |
| source_firewall_group_id | body | string | The ID of the remote source firewall group. |
| source_ip_address | body | string | The source IPv4 or IPv6 address or CIDR for the firewall rule. No default. |
| source_port | body | string |
The source port or port range for the firewall rule. A valid
value is a port number, as an integer, or a port range, in the
format of a
:
separated range. For a port range, include both
ends of the range. For example,
80:90
.
|
| tenant_id | body | string | The ID of the project that owns the resource. |
{
"firewall_rule "
:
{
"action "
:
"deny "
,
"description "
:
""
,
"destination_firewall_group_id "
:
null
,
"destination_ip_address "
:
null
,
"destination_port "
:
null
,
"enabled "
:
true
,
"id "
:
"1fd59b2f-cc87-435f-a244-1df2c0cc3f70 "
,
"ip_version "
:
4
,
"name "
:
"rule3 "
,
"project_id "
:
"95573613ec554b4b8df9f2679c64557b "
,
"protocol "
:
null
,
"shared "
:
false
,
"source_firewall_group_id "
:
null
,
"source_ip_address "
:
null
,
"source_port "
:
null
,
"tenant_id "
:
"95573613ec554b4b8df9f2679c64557b "
}
}
Updates a firewall rule.
Normal response codes: 200
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| firewall_rule_id | path | string | The ID for the firewall rule. |
| firewall_rule | body | object |
A
firewall_rule
object.
|
| action (Optional) | body | string |
The action that the API performs on traffic that
matches the firewall rule. Valid values are
allow
or
deny
.
Default is
deny
.
|
| description (Optional) | body | string | A human-readable description of the firewall rule. |
| destination_firewall_group_id (Optional) | body | string | The ID of the remote destination firewall group. |
| destination_ip_address (Optional) | body | string | The destination IPv4 or IPv6 address or CIDR for the firewall rule. No default. |
| destination_port (Optional) | body | string |
The destination port or port range for the firewall rule. A valid
value is a port number, as an integer, or a port range, in the
format of a
:
separated range. For a port range, include both
ends of the range. For example,
80:90
.
|
| enabled (Optional) | body | boolean |
Set to
false
to disable this rule in the firewall policy.
Facilitates selectively turning off rules without having to
disassociate the rule from the firewall policy. Valid values are
true
or
false
. Default is
true
.
|
| firewall_policy_id | body | string | The ID of the firewall policy. |
| ip_version (Optional) | body | integer |
The IP protocol version for the firewall rule. Valid values are
4
or
6
. Default is
4
.
|
| name (Optional) | body | string | A human-readable name of the firewall rule. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. |
| protocol (Optional) | body | string |
The IP protocol for the firewall rule. Possible values are
icmp
,
tcp
,
udp
, or
null
.
|
| shared (Optional) | body | boolean | Indicates whether this firewall rule is shared across all projects. |
| source_firewall_group_id (Optional) | body | string | The ID of the remote source firewall group. |
| source_ip_address (Optional) | body | string | The source IPv4 or IPv6 address or CIDR for the firewall rule. No default. |
| source_port (Optional) | body | string |
The source port or port range for the firewall rule. A valid
value is a port number, as an integer, or a port range, in the
format of a
:
separated range. For a port range, include both
ends of the range. For example,
80:90
.
|
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. |
{
"firewall_rule "
:
{
"shared "
:
true
}
}
| Name | In | Type | Description |
|---|---|---|---|
| firewall_rule | body | object |
A
firewall_rule
object.
|
| action | body | string |
The action that the API performs on traffic that
matches the firewall rule. Valid values are
allow
or
deny
.
Default is
deny
.
|
| description | body | string | A human-readable description of the firewall rule. |
| destination_firewall_group_id | body | string | The ID of the remote destination firewall group. |
| destination_ip_address | body | string | The destination IPv4 or IPv6 address or CIDR for the firewall rule. No default. |
| destination_port | body | string |
The destination port or port range for the firewall rule. A valid
value is a port number, as an integer, or a port range, in the
format of a
:
separated range. For a port range, include both
ends of the range. For example,
80:90
.
|
| enabled | body | boolean |
Set to
false
to disable this rule in the firewall policy.
Facilitates selectively turning off rules without having to
disassociate the rule from the firewall policy. Valid values are
true
or
false
. Default is
true
.
|
| firewall_policy_id | body | string | The ID of the firewall policy. |
| id | body | string | The ID of the firewall rule. |
| ip_version | body | integer |
The IP protocol version for the firewall rule. Valid values
are
4
or
6
. Default is
4
.
|
| name | body | string | A human-readable name of the firewall rule. |
| project_id | body | string | The ID of the project that owns the resource. |
| protocol | body | string |
The IP protocol for the firewall rule. Possible values are
icmp
,
tcp
,
udp
, or
null
.
|
| shared | body | boolean | Indicates whether this firewall rule is shared across all projects. |
| source_firewall_group_id | body | string | The ID of the remote source firewall group. |
| source_ip_address | body | string | The source IPv4 or IPv6 address or CIDR for the firewall rule. No default. |
| source_port | body | string |
The source port or port range for the firewall rule. A valid
value is a port number, as an integer, or a port range, in the
format of a
:
separated range. For a port range, include both
ends of the range. For example,
80:90
.
|
| tenant_id | body | string | The ID of the project that owns the resource. |
{
"firewall_rule "
:
{
"action "
:
"allow "
,
"description "
:
""
,
"destination_firewall_group_id "
:
null
,
"destination_ip_address "
:
null
,
"destination_port "
:
"80 "
,
"enabled "
:
true
,
"firewall_policy_id "
:
"c69933c1-b472-44f9-8226-30dc4ffd454c "
,
"id "
:
"8722e0e0-9cc9-4490-9660-8c9a5732fbb0 "
,
"ip_version "
:
4
,
"name "
:
"ALLOW_HTTP "
,
"position "
:
1
,
"project_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
,
"protocol "
:
"tcp "
,
"shared "
:
true
,
"source_firewall_group_id "
:
null
,
"source_ip_address "
:
null
,
"source_port "
:
null
,
"tenant_id "
:
"45977fa2dbd7482098dd68d0d8970117 "
}
}
Deletes a firewall rule. samples/firewall-v2/firewall-policy-create-response.json
Normal response codes: 204
Error response codes: 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| firewall_rule_id | path | string | The ID for the firewall rule. |
Insert firewall rule into a policy.
A firewall_rule_id is inserted relative to the position of the
firewall_rule_id set in
insert_before
or
insert_after
. If
insert_before
is set,
insert_after
is ignored. If both
insert_before
and
insert_after
are not set, the new
firewall_rule_id is inserted as the first rule of the policy.
Normal response codes: 200
Error response codes: 400, 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| firewall_policy_id | path | string | The ID of the firewall policy. |
| firewall_rule_id | body | string | The ID of the firewall rule. |
| insert_after | body | string |
The ID of the firewall_rule to insert the new rule after. The new
rule will be inserted immediately after the specified firewall_rule.
If both
before
and
after
values are supplied, the
after
value
will be ignored. To insert a rule into a policy with no rules yet,
the both the
before
and the
after
values must be “”.
|
| insert_before | body | string |
The ID of the firewall_rule to insert the new rule before. The new
rule will be inserted immediately before the specified firewall_rule.
If both
before
and
after
values are supplied, the
after
value
will be ignored. To insert a rule into a policy with no rules yet,
the both the
before
and the
after
values must be “”.
|
{
"firewall_rule_id "
:
"7bc34b8c-8d3b-4ada-a9c8-1f4c11c65692 "
,
"insert_after "
:
"a08ef905-0ff6-4784-8374-175fffe7dade "
,
"insert_before "
:
""
}
| Name | In | Type | Description |
|---|---|---|---|
| audited | body | boolean |
Each time that the firewall policy or its associated rules are
changed, the API sets this attribute to
false
. To audit the
policy, explicitly set this attribute to
true
.
|
| description | body | string | A human-readable name of the firewall policy. |
| firewall_rules | body | array | A list of the IDs of the firewall rules associated with the firewall policy. |
| id | body | string | The ID of the firewall policy. |
| name | body | string | A human-readable name of the firewall policy. |
| project_id | body | string | The ID of the project that owns the resource. |
| shared | body | boolean |
Set to
true
to make this firewall policy
visible to other projects. Default is
false
.
|
| tenant_id | body | string | The ID of the project that owns the resource. |
{
"audited "
:
false
,
"description "
:
""
,
"firewall_rules "
:
[
"acbdfead-eca2-4456-838c-8b531e47b9c7 "
],
"id "
:
"c9e15d6e-b6ba-4ef4-8715-985d1f100467 "
,
"name "
:
"policy2 "
,
"shared "
:
false
,
"project_id "
:
"95573613ec554b4b8df9f2679c64557b "
,
"tenant_id "
:
"95573613ec554b4b8df9f2679c64557b "
}
Remove firewall rule from a policy.
Normal response codes: 200
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| firewall_policy_id | path | string | The ID of the firewall policy. |
| firewall_rule_id | body | string | The ID of the firewall rule. |
{
"firewall_rule_id "
:
"7bc34b8c-8d3b-4ada-a9c8-1f4c11c65692 "
}
| Name | In | Type | Description |
|---|---|---|---|
| audited | body | boolean |
Each time that the firewall policy or its associated rules are
changed, the API sets this attribute to
false
. To audit the
policy, explicitly set this attribute to
true
.
|
| description | body | string | A human-readable name of the firewall policy. |
| firewall_rules | body | array | A list of the IDs of the firewall rules associated with the firewall policy. |
| id | body | string | The ID of the firewall policy. |
| name | body | string | A human-readable name of the firewall policy. |
| project_id | body | string | The ID of the project that owns the resource. |
| shared | body | boolean |
Set to
true
to make this firewall policy
visible to other projects. Default is
false
.
|
| tenant_id | body | string | The ID of the project that owns the resource. |
{
"audited "
:
false
,
"description "
:
""
,
"firewall_rules "
:
[],
"id "
:
"c9e15d6e-b6ba-4ef4-8715-985d1f100467 "
,
"name "
:
"policy2 "
,
"project_id "
:
"95573613ec554b4b8df9f2679c64557b "
,
"shared "
:
false
,
"tenant_id "
:
"95573613ec554b4b8df9f2679c64557b "
}
Lists, shows details for, creates, updates, and deletes RBAC policies.
The presence of the
rbac-security-groups
extension extends this
API to support object types of
security_group
.
Show details for a given RBAC policy.
You can control which response parameters are returned by using the fields query parameter. For information, see Filtering and column selection .
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| rbac_policy_id | path | string | The ID of the RBAC policy. |
| Name | In | Type | Description |
|---|---|---|---|
| target_tenant | body | string | The ID of the tenant to which the RBAC policy will be enforced. |
| tenant_id | body | string | The ID of the project that owns the resource. |
| object_type | body | string |
The type of the object that the RBAC policy affects. Types include
qos-policy
or
network
.
|
| object_id | body | string |
The ID of the
object_type
resource. An
object_type
of
network
returns a network ID and an
object_type
of
qos-policy
returns
a QoS ID.
|
| action | body | string |
Action for the RBAC policy which is
access_as_external
or
access_as_shared
.
|
| project_id | body | string | The ID of the project. |
| id | body | string | The ID of the RBAC policy. |
{
"rbac_policy "
:
{
"target_tenant "
:
"*"
,
"tenant_id "
:
"3de27ce0a2a54cc6ae06dc62dd0ec832 "
,
"object_type "
:
"network "
,
"object_id "
:
"1f32f072-4d17-4811-b619-3623d018bd40 "
,
"action "
:
"access_as_external "
,
"project_id "
:
"3de27ce0a2a54cc6ae06dc62dd0ec832 "
,
"id "
:
"6d4c666e-1aad-465e-b670-4d112b760137 "
}
}
Update RBAC policy for given tenant.
Normal response codes: 200
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| rbac_policy_id | path | string | The ID of the RBAC policy. |
| target_tenant | body | string | The ID of the tenant to which the RBAC policy will be enforced. |
{
"rbac_policy "
:
{
"target_tenant "
:
"*"
}
}
| Name | In | Type | Description |
|---|---|---|---|
| target_tenant | body | string | The ID of the tenant to which the RBAC policy will be enforced. |
| tenant_id | body | string | The ID of the project that owns the resource. |
| object_type | body | string |
The type of the object that the RBAC policy affects. Types include
qos-policy
or
network
.
|
| object_id | body | string |
The ID of the
object_type
resource. An
object_type
of
network
returns a network ID and an
object_type
of
qos-policy
returns
a QoS ID.
|
| action | body | string |
Action for the RBAC policy which is
access_as_external
or
access_as_shared
.
|
| project_id | body | string | The ID of the project. |
| id | body | string | The ID of the RBAC policy. |
{
"rbac_policy "
:
{
"target_tenant "
:
"*"
,
"tenant_id "
:
"3de27ce0a2a54cc6ae06dc62dd0ec832 "
,
"object_type "
:
"network "
,
"object_id "
:
"1f32f072-4d17-4811-b619-3623d018bd40 "
,
"action "
:
"access_as_external "
,
"project_id "
:
"3de27ce0a2a54cc6ae06dc62dd0ec832 "
,
"id "
:
"6d4c666e-1aad-465e-b670-4d112b760137 "
}
}
Delete an RBAC policy.
Normal response codes: 204
Error response codes: 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| rbac_policy_id | path | string | The ID of the RBAC policy. |
There is no body content for the response of a successful DELETE request.
List RBAC policies that belong to a given tenant.
Use the
fields
query parameter to filter the response. For
information, see Filtering and Column Selection
.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| target_tenant (Optional) | query | string | Filter the RBAC policy list result by the ID of the tenant to which the RBAC policy will be enforced. |
| tenant_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| object_type (Optional) | query | string |
Filter the RBAC policy list result by the type of the object that the
RBAC policy affects. Types include
qos-policy
,
network
, or
security-group
.
|
| object_id (Optional) | query | string |
Filter the RBAC policy list result by the ID of the
object_type
resource. An
object_type
of
network
returns a network ID,
an
object_type
of
qos-policy
returns a QoS policy ID, and
an
object_type
of
security-group
returns a security group ID.
|
| action (Optional) | query | string |
Filter the RBAC policy list result by the action for the RBAC policy
which is
access_as_external
or
access_as_shared
.
|
| project_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a RBAC policy attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| target_tenant | body | string | The ID of the tenant to which the RBAC policy will be enforced. |
| tenant_id | body | string | The ID of the project that owns the resource. |
| object_type | body | string |
The type of the object that the RBAC policy affects. Types include
qos-policy
or
network
.
|
| object_id | body | string |
The ID of the
object_type
resource. An
object_type
of
network
returns a network ID and an
object_type
of
qos-policy
returns
a QoS ID.
|
| action | body | string |
Action for the RBAC policy which is
access_as_external
or
access_as_shared
.
|
| project_id | body | string | The ID of the project. |
| id | body | string | The ID of the RBAC policy. |
{
"rbac_policies "
:
[
{
"target_tenant "
:
"*"
,
"tenant_id "
:
"3de27ce0a2a54cc6ae06dc62dd0ec832 "
,
"object_type "
:
"network "
,
"object_id "
:
"1f32f072-4d17-4811-b619-3623d018bd40 "
,
"action "
:
"access_as_external "
,
"project_id "
:
"3de27ce0a2a54cc6ae06dc62dd0ec832 "
,
"id "
:
"6d4c666e-1aad-465e-b670-4d112b760137 "
}
]
}
Create RBAC policy for given tenant.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| target_tenant | body | string | The ID of the tenant to which the RBAC policy will be enforced. |
| object_type | body | string |
The type of the object that the RBAC policy affects. Types include
qos-policy
or
network
.
|
| object_id | body | string |
The ID of the
object_type
resource. An
object_type
of
network
returns a network ID and an
object_type
of
qos-policy
returns
a QoS ID.
|
| action | body | string |
Action for the RBAC policy which is
access_as_external
or
access_as_shared
.
|
{
"rbac_policy "
:
{
"action "
:
"access_as_shared "
,
"object_type "
:
"network "
,
"target_tenant "
:
"0670b690f27e47a58b6a479d26004715 "
,
"object_id "
:
"1f32f072-4d17-4811-b619-3623d018bd40 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| target_tenant | body | string | The ID of the tenant to which the RBAC policy will be enforced. |
| tenant_id | body | string | The ID of the project that owns the resource. |
| object_type | body | string |
The type of the object that the RBAC policy affects. Types include
qos-policy
or
network
.
|
| object_id | body | string |
The ID of the
object_type
resource. An
object_type
of
network
returns a network ID and an
object_type
of
qos-policy
returns
a QoS ID.
|
| action | body | string |
Action for the RBAC policy which is
access_as_external
or
access_as_shared
.
|
| project_id | body | string | The ID of the project. |
| id | body | string | The ID of the RBAC policy. |
{
"rbac_policy "
:
{
"target_tenant "
:
"0670b690f27e47a58b6a479d26004715 "
,
"tenant_id "
:
"3de27ce0a2a54cc6ae06dc62dd0ec832 "
,
"object_type "
:
"network "
,
"object_id "
:
"1f32f072-4d17-4811-b619-3623d018bd40 "
,
"action "
:
"access_as_shared "
,
"project_id "
:
"3de27ce0a2a54cc6ae06dc62dd0ec832 "
,
"id "
:
"2cf7523a-93b5-4e69-9360-6c6bf986bb7c "
}
}
Lists, creates, shows information for, and deletes security group rules.
The
standard-attr-timestamp
extension adds the
created_at
and
updated_at
attributes to all resources that have standard attributes.
Lists a summary of all OpenStack Networking security group rules that the project can access.
The list provides the ID for each security group rule.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| remote_group_id (Optional) | query | string | Filter the security group rule list result by the ID of the remote group that associates with this security group rule. |
| direction (Optional) | query | string |
Filter the security group rule list result by the direction in which
the security group rule is applied, which is
ingress
or
egress
.
|
| protocol (Optional) | query | string | Filter the security group rule list result by the IP protocol. |
| ethertype (Optional) | query | string |
Filter the security group rule list result by the ethertype of
network traffic. The value must be
IPv4
or
IPv6
.
|
| port_range_max (Optional) | query | integer | Filter the security group rule list result by the maximum port number in the range that is matched by the security group rule. |
| security_group_id (Optional) | query | string | Filter the security group rule list result by the ID of the security group that associates with this security group rule. |
| tenant_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| project_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| port_range_min (Optional) | query | integer | Filter the security group rule list result by the minimum port number in the range that is matched by the security group rule. |
| remote_ip_prefix (Optional) | query | string | Filter the list result by the remote IP prefix that is matched by this security group rule. |
| revision_number (Optional) | query | integer | Filter the list result by the revision number of the resource. |
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| description (Optional) | query | string | Filter the list result by the human-readable description of the resource. |
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a security group rule attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| security_group_rules | body | array |
A list of
security_group_rule
objects.
Refer to
Security group rules
for details.
|
| remote_group_id | body | string |
The remote group UUID to associate with this
security group rule. You can specify either the
remote_group_id
or
remote_ip_prefix
attribute in the
request body.
|
| direction | body | string | Ingress or egress, which is the direction in which the security group rule is applied. |
| protocol | body | string |
The IP protocol can be represented by a string, an integer, or
null
.
Valid string or integer values are
any
or
0
,
ah
or
51
,
dccp
or
33
,
egp
or
8
,
esp
or
50
,
gre
or
47
,
icmp
or
1
,
icmpv6
or
58
,
igmp
or
2
,
ipip
or
4
,
ipv6-encap
or
41
,
ipv6-frag
or
44
,
ipv6-icmp
or
58
,
ipv6-nonxt
or
59
,
ipv6-opts
or
60
,
ipv6-route
or
43
,
ospf
or
89
,
pgm
or
113
,
rsvp
or
46
,
sctp
or
132
,
tcp
or
6
,
udp
or
17
,
udplite
or
136
,
vrrp
or
112
. Additionally, any integer value between [0-255] is
also valid. The string
any
(or integer
0
) means
all
IP
protocols. See the constants in
neutron_lib.constants
for the most
up-to-date list of supported strings.
|
| ethertype | body | string | Must be IPv4 or IPv6, and addresses represented in CIDR must match the ingress or egress rules. |
| port_range_max | body | integer |
The maximum port number in the range that is
matched by the security group rule. If the protocol is TCP, UDP,
DCCP, SCTP or UDP-Lite this value must be greater than or equal to
the
port_range_min
attribute value. If the protocol is ICMP,
this value must be an ICMP code.
|
| security_group_id | body | string | The security group ID to associate with this security group rule. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| port_range_min | body | integer |
The minimum port number in the range that is
matched by the security group rule. If the protocol is TCP, UDP,
DCCP, SCTP or UDP-Lite this value must be less than or equal to
the
port_range_max
attribute value. If the protocol is ICMP,
this value must be an ICMP type.
|
| remote_ip_prefix | body | string | The remote IP prefix that is matched by this security group rule. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| revision_number | body | integer | The revision number of the resource. |
| id | body | string | The ID of the security group rule. |
| description | body | string | A human-readable description for the resource. |
{
"security_group_rules "
:
[
{
"direction "
:
"egress "
,
"ethertype "
:
"IPv6 "
,
"id "
:
"3c0e45ff-adaf-4124-b083-bf390e5482ff "
,
"port_range_max "
:
null
,
"port_range_min "
:
null
,
"protocol "
:
null
,
"remote_group_id "
:
null
,
"remote_ip_prefix "
:
null
,
"security_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"revision_number "
:
1
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"description "
:
""
},
{
"direction "
:
"egress "
,
"ethertype "
:
"IPv4 "
,
"id "
:
"93aa42e5-80db-4581-9391-3a608bd0e448 "
,
"port_range_max "
:
null
,
"port_range_min "
:
null
,
"protocol "
:
null
,
"remote_group_id "
:
null
,
"remote_ip_prefix "
:
null
,
"security_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"revision_number "
:
1
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"description "
:
""
},
{
"direction "
:
"ingress "
,
"ethertype "
:
"IPv6 "
,
"id "
:
"c0b09f00-1d49-4e64-a0a7-8a186d928138 "
,
"port_range_max "
:
null
,
"port_range_min "
:
null
,
"protocol "
:
null
,
"remote_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"remote_ip_prefix "
:
null
,
"security_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"revision_number "
:
2
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"description "
:
""
},
{
"direction "
:
"ingress "
,
"ethertype "
:
"IPv4 "
,
"id "
:
"f7d45c89-008e-4bab-88ad-d6811724c51c "
,
"port_range_max "
:
null
,
"port_range_min "
:
null
,
"protocol "
:
null
,
"remote_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"remote_ip_prefix "
:
null
,
"security_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"revision_number "
:
1
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"description "
:
""
}
]
}
Creates an OpenStack Networking security group rule.
Normal response codes: 201
Error response codes: 400, 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| security_group_rule | body | object |
A
security_group_rule
object.
|
| remote_group_id (Optional) | body | string |
The remote group UUID to associate with this
security group rule. You can specify either the
remote_group_id
or
remote_ip_prefix
attribute in the
request body.
|
| direction | body | string | Ingress or egress, which is the direction in which the security group rule is applied. |
| protocol (Optional) | body | string |
The IP protocol can be represented by a string, an integer, or
null
.
Valid string or integer values are
any
or
0
,
ah
or
51
,
dccp
or
33
,
egp
or
8
,
esp
or
50
,
gre
or
47
,
icmp
or
1
,
icmpv6
or
58
,
igmp
or
2
,
ipip
or
4
,
ipv6-encap
or
41
,
ipv6-frag
or
44
,
ipv6-icmp
or
58
,
ipv6-nonxt
or
59
,
ipv6-opts
or
60
,
ipv6-route
or
43
,
ospf
or
89
,
pgm
or
113
,
rsvp
or
46
,
sctp
or
132
,
tcp
or
6
,
udp
or
17
,
udplite
or
136
,
vrrp
or
112
. Additionally, any integer value between [0-255] is
also valid. The string
any
(or integer
0
) means
all
IP
protocols. See the constants in
neutron_lib.constants
for the most
up-to-date list of supported strings.
|
| ethertype (Optional) | body | string | Must be IPv4 or IPv6, and addresses represented in CIDR must match the ingress or egress rules. |
| port_range_max (Optional) | body | integer |
The maximum port number in the range that is
matched by the security group rule. If the protocol is TCP, UDP,
DCCP, SCTP or UDP-Lite this value must be greater than or equal to
the
port_range_min
attribute value. If the protocol is ICMP,
this value must be an ICMP code.
|
| security_group_id | body | string | The security group ID to associate with this security group rule. |
| port_range_min (Optional) | body | integer |
The minimum port number in the range that is
matched by the security group rule. If the protocol is TCP, UDP,
DCCP, SCTP or UDP-Lite this value must be less than or equal to
the
port_range_max
attribute value. If the protocol is ICMP,
this value must be an ICMP type.
|
| remote_ip_prefix (Optional) | body | string | The remote IP prefix that is matched by this security group rule. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
{
"security_group_rule "
:
{
"direction "
:
"ingress "
,
"port_range_min "
:
"80 "
,
"ethertype "
:
"IPv4 "
,
"port_range_max "
:
"80 "
,
"protocol "
:
"tcp "
,
"remote_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"security_group_id "
:
"a7734e61-b545-452d-a3cd-0189cbd9747a "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| security_group_rule | body | object |
A
security_group_rule
object.
|
| remote_group_id | body | string |
The remote group UUID to associate with this
security group rule. You can specify either the
remote_group_id
or
remote_ip_prefix
attribute in the
request body.
|
| direction | body | string | Ingress or egress, which is the direction in which the security group rule is applied. |
| protocol | body | string |
The IP protocol can be represented by a string, an integer, or
null
.
Valid string or integer values are
any
or
0
,
ah
or
51
,
dccp
or
33
,
egp
or
8
,
esp
or
50
,
gre
or
47
,
icmp
or
1
,
icmpv6
or
58
,
igmp
or
2
,
ipip
or
4
,
ipv6-encap
or
41
,
ipv6-frag
or
44
,
ipv6-icmp
or
58
,
ipv6-nonxt
or
59
,
ipv6-opts
or
60
,
ipv6-route
or
43
,
ospf
or
89
,
pgm
or
113
,
rsvp
or
46
,
sctp
or
132
,
tcp
or
6
,
udp
or
17
,
udplite
or
136
,
vrrp
or
112
. Additionally, any integer value between [0-255] is
also valid. The string
any
(or integer
0
) means
all
IP
protocols. See the constants in
neutron_lib.constants
for the most
up-to-date list of supported strings.
|
| ethertype | body | string | Must be IPv4 or IPv6, and addresses represented in CIDR must match the ingress or egress rules. |
| port_range_max | body | integer |
The maximum port number in the range that is
matched by the security group rule. If the protocol is TCP, UDP,
DCCP, SCTP or UDP-Lite this value must be greater than or equal to
the
port_range_min
attribute value. If the protocol is ICMP,
this value must be an ICMP code.
|
| security_group_id | body | string | The security group ID to associate with this security group rule. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| port_range_min | body | integer |
The minimum port number in the range that is
matched by the security group rule. If the protocol is TCP, UDP,
DCCP, SCTP or UDP-Lite this value must be less than or equal to
the
port_range_max
attribute value. If the protocol is ICMP,
this value must be an ICMP type.
|
| remote_ip_prefix | body | string | The remote IP prefix that is matched by this security group rule. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| revision_number | body | integer | The revision number of the resource. |
| id | body | string | The ID of the security group rule. |
| description | body | string | A human-readable description for the resource. |
{
"security_group_rule "
:
{
"direction "
:
"ingress "
,
"ethertype "
:
"IPv4 "
,
"id "
:
"2bc0accf-312e-429a-956e-e4407625eb62 "
,
"port_range_max "
:
80
,
"port_range_min "
:
80
,
"protocol "
:
"tcp "
,
"remote_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"remote_ip_prefix "
:
null
,
"security_group_id "
:
"a7734e61-b545-452d-a3cd-0189cbd9747a "
,
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"revision_number "
:
1
,
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"description "
:
""
}
}
Shows detailed information for a security group rule.
The response body contains the following information about the security group rule:
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| security_group_rule_id | path | string | The ID of the security group rule. |
| verbose (Optional) | query | boolean | Show detailed information. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| security_group_rule | body | object |
A
security_group_rule
object.
|
| remote_group_id | body | string |
The remote group UUID to associate with this
security group rule. You can specify either the
remote_group_id
or
remote_ip_prefix
attribute in the
request body.
|
| direction | body | string | Ingress or egress, which is the direction in which the security group rule is applied. |
| protocol | body | string |
The IP protocol can be represented by a string, an integer, or
null
.
Valid string or integer values are
any
or
0
,
ah
or
51
,
dccp
or
33
,
egp
or
8
,
esp
or
50
,
gre
or
47
,
icmp
or
1
,
icmpv6
or
58
,
igmp
or
2
,
ipip
or
4
,
ipv6-encap
or
41
,
ipv6-frag
or
44
,
ipv6-icmp
or
58
,
ipv6-nonxt
or
59
,
ipv6-opts
or
60
,
ipv6-route
or
43
,
ospf
or
89
,
pgm
or
113
,
rsvp
or
46
,
sctp
or
132
,
tcp
or
6
,
udp
or
17
,
udplite
or
136
,
vrrp
or
112
. Additionally, any integer value between [0-255] is
also valid. The string
any
(or integer
0
) means
all
IP
protocols. See the constants in
neutron_lib.constants
for the most
up-to-date list of supported strings.
|
| ethertype | body | string | Must be IPv4 or IPv6, and addresses represented in CIDR must match the ingress or egress rules. |
| port_range_max | body | integer |
The maximum port number in the range that is
matched by the security group rule. If the protocol is TCP, UDP,
DCCP, SCTP or UDP-Lite this value must be greater than or equal to
the
port_range_min
attribute value. If the protocol is ICMP,
this value must be an ICMP code.
|
| security_group_id | body | string | The security group ID to associate with this security group rule. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| port_range_min | body | integer |
The minimum port number in the range that is
matched by the security group rule. If the protocol is TCP, UDP,
DCCP, SCTP or UDP-Lite this value must be less than or equal to
the
port_range_max
attribute value. If the protocol is ICMP,
this value must be an ICMP type.
|
| remote_ip_prefix | body | string | The remote IP prefix that is matched by this security group rule. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| revision_number | body | integer | The revision number of the resource. |
| id | body | string | The ID of the security group rule. |
| description | body | string | A human-readable description for the resource. |
{
"security_group_rule "
:
{
"direction "
:
"egress "
,
"ethertype "
:
"IPv6 "
,
"id "
:
"3c0e45ff-adaf-4124-b083-bf390e5482ff "
,
"port_range_max "
:
null
,
"port_range_min "
:
null
,
"protocol "
:
null
,
"remote_group_id "
:
null
,
"remote_ip_prefix "
:
null
,
"revision_number "
:
1
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"security_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
}
}
Deletes a rule from an OpenStack Networking security group.
Normal response codes: 204
Error response codes: 401, 404, 412
| Name | In | Type | Description |
|---|---|---|---|
| security_group_rule_id | path | string | The ID of the security group rule. |
There is no body content is returned on a successful DELETE request.
Lists, creates, shows information for, updates, and deletes security groups.
The
standard-attr-timestamp
extension adds the
created_at
and
updated_at
attributes to all resources that have standard attributes.
The
standard-attr-tag
adds Tag support for resources with
standard attributes by adding the
tags
attribute
allowing consumers to associate tags with resources.
Lists OpenStack Networking security groups to which the project has access.
The response is an array of
security_group
objects which contains a list of
security_group_rules
objects.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| tenant_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| project_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| revision_number (Optional) | query | integer | Filter the list result by the revision number of the resource. |
| name (Optional) | query | string | Filter the list result by the human-readable name of the resource. |
| description (Optional) | query | string | Filter the list result by the human-readable description of the resource. |
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a security group attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| tags (Optional) | query | string | A list of tags to filter the list result by. Resources that match all tags in this list will be returned. Tags in query must be separated by comma. |
| tags-any (Optional) | query | string | A list of tags to filter the list result by. Resources that match any tag in this list will be returned. Tags in query must be separated by comma. |
| not-tags (Optional) | query | string | A list of tags to filter the list result by. Resources that match all tags in this list will be excluded. Tags in query must be separated by comma. |
| not-tags-any (Optional) | query | string | A list of tags to filter the list result by. Resources that match any tag in this list will be excluded. Tags in query must be separated by comma. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| security_groups | body | array |
A list of
security_group
objects.
|
| id | body | string | The ID of the security group. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| revision_number | body | integer | The revision number of the resource. |
| name | body | string | Human-readable name of the resource. |
| description | body | string | A human-readable description for the resource. |
| security_group_rules | body | array |
A list of
security_group_rule
objects.
Refer to
Security group rules
for details.
|
| tags | body | array | The list of tags on the resource. |
{
"security_groups "
:
[
{
"description "
:
"default "
,
"id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"name "
:
"default "
,
"security_group_rules "
:
[
{
"direction "
:
"egress "
,
"ethertype "
:
"IPv6 "
,
"id "
:
"3c0e45ff-adaf-4124-b083-bf390e5482ff "
,
"port_range_max "
:
null
,
"port_range_min "
:
null
,
"protocol "
:
null
,
"remote_group_id "
:
null
,
"remote_ip_prefix "
:
null
,
"security_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"revision_number "
:
1
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"description "
:
""
},
{
"direction "
:
"egress "
,
"ethertype "
:
"IPv4 "
,
"id "
:
"93aa42e5-80db-4581-9391-3a608bd0e448 "
,
"port_range_max "
:
null
,
"port_range_min "
:
null
,
"protocol "
:
null
,
"remote_group_id "
:
null
,
"remote_ip_prefix "
:
null
,
"security_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"revision_number "
:
2
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"description "
:
""
},
{
"direction "
:
"ingress "
,
"ethertype "
:
"IPv6 "
,
"id "
:
"c0b09f00-1d49-4e64-a0a7-8a186d928138 "
,
"port_range_max "
:
null
,
"port_range_min "
:
null
,
"protocol "
:
null
,
"remote_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"remote_ip_prefix "
:
null
,
"security_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"revision_number "
:
1
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"description "
:
""
},
{
"direction "
:
"ingress "
,
"ethertype "
:
"IPv4 "
,
"id "
:
"f7d45c89-008e-4bab-88ad-d6811724c51c "
,
"port_range_max "
:
null
,
"port_range_min "
:
null
,
"protocol "
:
null
,
"remote_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"remote_ip_prefix "
:
null
,
"security_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"revision_number "
:
1
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"description "
:
""
}
],
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"revision_number "
:
8
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
}
]
}
Creates an OpenStack Networking security group.
This operation creates a security group with default security group rules for the IPv4 and IPv6 ether types.
Normal response codes: 201
Error response codes: 400, 401, 409
| Name | In | Type | Description |
|---|---|---|---|
| security_group | body | object |
A
security_group
object.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| name | body | string | Human-readable name of the resource. |
{
"security_group "
:
{
"name "
:
"new-webservers "
,
"description "
:
"security group for webservers "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| security_group | body | object |
A
security_group
object.
|
| id | body | string | The ID of the security group. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| revision_number | body | integer | The revision number of the resource. |
| name | body | string | Human-readable name of the resource. |
| description | body | string | A human-readable description for the resource. |
| security_group_rules | body | array |
A list of
security_group_rule
objects.
Refer to
Security group rules
for details.
|
| tags | body | array | The list of tags on the resource. |
{
"security_group "
:
{
"description "
:
"security group for webservers "
,
"id "
:
"2076db17-a522-4506-91de-c6dd8e837028 "
,
"name "
:
"new-webservers "
,
"security_group_rules "
:
[
{
"direction "
:
"egress "
,
"ethertype "
:
"IPv4 "
,
"id "
:
"38ce2d8e-e8f1-48bd-83c2-d33cb9f50c3d "
,
"port_range_max "
:
null
,
"port_range_min "
:
null
,
"protocol "
:
null
,
"remote_group_id "
:
null
,
"remote_ip_prefix "
:
null
,
"security_group_id "
:
"2076db17-a522-4506-91de-c6dd8e837028 "
,
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"revision_number "
:
1
,
"revisio[n_number "
:
1
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"description "
:
""
},
{
"direction "
:
"egress "
,
"ethertype "
:
"IPv6 "
,
"id "
:
"565b9502-12de-4ffd-91e9-68885cff6ae1 "
,
"port_range_max "
:
null
,
"port_range_min "
:
null
,
"protocol "
:
null
,
"remote_group_id "
:
null
,
"remote_ip_prefix "
:
null
,
"security_group_id "
:
"2076db17-a522-4506-91de-c6dd8e837028 "
,
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"revision_number "
:
1
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"description "
:
""
}
],
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"revision_number "
:
1
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
}
}
Shows details for a security group.
The associated security group rules are contained in the response.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| security_group_id | path | string | The ID of the security group. |
| verbose (Optional) | query | boolean | Show detailed information. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
GET
/
v2
.0
/
security
-
groups
/
85
cc3048
-
abc3
-
43
cc
-
89
b3
-
377341426
ac5
Accept
:
application
/
json
| Name | In | Type | Description |
|---|---|---|---|
| security_group | body | object |
A
security_group
object.
|
| id | body | string | The ID of the security group. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| revision_number | body | integer | The revision number of the resource. |
| name | body | string | Human-readable name of the resource. |
| description | body | string | A human-readable description for the resource. |
| security_group_rules | body | array |
A list of
security_group_rule
objects.
Refer to
Security group rules
for details.
|
| tags | body | array | The list of tags on the resource. |
{
"security_group "
:
{
"description "
:
"default "
,
"id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"name "
:
"default "
,
"security_group_rules "
:
[
{
"direction "
:
"egress "
,
"ethertype "
:
"IPv6 "
,
"id "
:
"3c0e45ff-adaf-4124-b083-bf390e5482ff "
,
"port_range_max "
:
null
,
"port_range_min "
:
null
,
"protocol "
:
null
,
"remote_group_id "
:
null
,
"remote_ip_prefix "
:
null
,
"security_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"revision_number "
:
1
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"description "
:
""
},
{
"direction "
:
"egress "
,
"ethertype "
:
"IPv4 "
,
"id "
:
"93aa42e5-80db-4581-9391-3a608bd0e448 "
,
"port_range_max "
:
null
,
"port_range_min "
:
null
,
"protocol "
:
null
,
"remote_group_id "
:
null
,
"remote_ip_prefix "
:
null
,
"security_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"revision_number "
:
2
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"description "
:
""
},
{
"direction "
:
"ingress "
,
"ethertype "
:
"IPv6 "
,
"id "
:
"c0b09f00-1d49-4e64-a0a7-8a186d928138 "
,
"port_range_max "
:
null
,
"port_range_min "
:
null
,
"protocol "
:
null
,
"remote_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"remote_ip_prefix "
:
null
,
"security_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"revision_number "
:
1
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"description "
:
""
},
{
"direction "
:
"ingress "
,
"ethertype "
:
"IPv4 "
,
"id "
:
"f7d45c89-008e-4bab-88ad-d6811724c51c "
,
"port_range_max "
:
null
,
"port_range_min "
:
null
,
"protocol "
:
null
,
"remote_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"remote_ip_prefix "
:
null
,
"security_group_id "
:
"85cc3048-abc3-43cc-89b3-377341426ac5 "
,
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"revision_number "
:
1
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"description "
:
""
}
],
"project_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"revision_number "
:
4
,
"tags "
:
[
"tag1,tag2 "
],
"tenant_id "
:
"e4f50856753b4dc6afee5fa6b9b6c550 "
}
}
Updates a security group.
Normal response codes: 200
Error response codes: 400, 401, 403, 404, 412
| Name | In | Type | Description |
|---|---|---|---|
| security_group_id | path | string | The ID of the security group. |
| security_group | body | object |
A
security_group
object.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| name | body | string | Human-readable name of the resource. |
{
"security_group "
:
{
"name "
:
"mysecgroup "
,
"description "
:
"my security group "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| security_group | body | object |
A
security_group
object.
|
| id | body | string | The ID of the security group. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| revision_number | body | integer | The revision number of the resource. |
| name | body | string | Human-readable name of the resource. |
| description | body | string | A human-readable description for the resource. |
| security_group_rules | body | array |
A list of
security_group_rule
objects.
Refer to
Security group rules
for details.
|
| tags | body | array | The list of tags on the resource. |
{
"security_group "
:
{
"security_group_rules "
:
[],
"project_id "
:
"a52cdb9cc7854a39a23d3af73a40899e "
,
"revision_number "
:
4
,
"tenant_id "
:
"a52cdb9cc7854a39a23d3af73a40899e "
,
"created_at "
:
"2018-03-19T19:16:56Z "
,
"updated_at "
:
"2018-03-19T19:16:56Z "
,
"id "
:
"01fbade5-b664-42f6-83ae-4e214f4263fa "
,
"name "
:
"mysecgroup "
,
"description "
:
"my security group "
,
"tags "
:
[
"tag1,tag2 "
]
}
}
Deletes an OpenStack Networking security group.
This operation deletes an OpenStack Networking security group and its associated security group rules, provided that a port is not associated with the security group. If a port is associated with the security group 409 (Conflict) is returned.
This operation does not require a request body. This operation does not return a response body.
Normal response codes: 204
Error response codes: 401, 404, 409, 412
| Name | In | Type | Description |
|---|---|---|---|
| security_group_id | path | string | The ID of the security group. |
DELETE
/
v2
.0
/
security
-
groups
/
e470bdfc
-
4869
-
459
b
-
a561
-
cb3377efae59
Content
-
Type
:
application
/
json
Accept
:
application
/
json
There is no body content for the response of a successful DELETE request.
The Virtual-Private-Network-as-a-Service (VPNaaS) extension enables OpenStack projects to extend private networks across the public telecommunication infrastructure.
This initial implementation of the VPNaaS extension provides:
This extension introduces these resources:
service
. A parent object that associates VPN with a specific
subnet and router.
ikepolicy
. The Internet Key Exchange (IKE) policy that
identifies the authentication and encryption algorithm to use
during phase one and two negotiation of a VPN connection.
ipsecpolicy
. The IP security policy that specifies the
authentication and encryption algorithm and encapsulation mode to
use for the established VPN connection.
ipsec-site-connection
. Details for the site-to-site IPsec
connection, including the peer CIDRs, MTU, authentication mode,
peer address, DPD settings, and status.
The
endpoint-groups
extension adds support for defining one or more
endpoints of a specific type, and can be used to specify both local
and peer endpoints for IPsec connections.
The
vpn-flavors
extension adds the
flavor_id
attribute
to
vpnservices
resources. During vpnservice creation, if a
flavor_id
is passed, it is used to find the provider for the driver which would
handle the newly created vpnservice.
Lists IKE policies.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| ikepolicies | body | array |
A list of
ikepolicy
objects.
|
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| auth_algorithm (Optional) | body | string |
The authentication hash algorithm. Valid values
are
sha1
,
sha256
,
sha384
,
sha512
.
The default is
sha1
.
|
| encryption_algorithm (Optional) | body | string |
The encryption algorithm. A valid value is
3des
,
aes-128
,
aes-192
,
aes-256
, and so on.
Default is
aes-128
.
|
| pfs (Optional) | body | string |
Perfect forward secrecy (PFS). A valid value is
Group2
,
Group5
,
Group14
, and so on. Default is
Group5
.
|
| value (Optional) | body | integer | The lifetime value, as a positive integer. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| phase1_negotiation_mode (Optional) | body | string |
The IKE mode. A valid value is
main
, which is
the default.
|
| units (Optional) | body | string | The units for the lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| lifetime (Optional) | body | object | The lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| id | body | string | The ID of the IKE policy. |
| ike_version (Optional) | body | string |
The IKE version. A valid value is
v1
or
v2
. Default is
v1
.
|
{
"ikepolicies "
:
[
{
"name "
:
"ikepolicy1 "
,
"project_id "
:
"ccb81365fe36411a9011e90491fe1330 "
,
"tenant_id "
:
"ccb81365fe36411a9011e90491fe1330 "
,
"auth_algorithm "
:
"sha1 "
,
"encryption_algorithm "
:
"aes-256 "
,
"pfs "
:
"group5 "
,
"phase1_negotiation_mode "
:
"main "
,
"lifetime "
:
{
"units "
:
"seconds "
,
"value "
:
3600
},
"ike_version "
:
"v1 "
,
"id "
:
"5522aff7-1b3c-48dd-9c3c-b50f016b73db "
,
"description "
:
""
}
]
}
Creates an IKE policy.
The IKE policy is used for phases one and two negotiation of the VPN connection. You can specify both the authentication and encryption algorithms for connections.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| ikepolicy | body | object |
An
ikepolicy
object.
|
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| auth_algorithm (Optional) | body | string |
The authentication hash algorithm. Valid values
are
sha1
,
sha256
,
sha384
,
sha512
.
The default is
sha1
.
|
| encryption_algorithm (Optional) | body | string |
The encryption algorithm. A valid value is
3des
,
aes-128
,
aes-192
,
aes-256
, and so on.
Default is
aes-128
.
|
| pfs (Optional) | body | string |
Perfect forward secrecy (PFS). A valid value is
Group2
,
Group5
,
Group14
, and so on. Default is
Group5
.
|
| value (Optional) | body | integer | The lifetime value, as a positive integer. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| phase1_negotiation_mode (Optional) | body | string |
The IKE mode. A valid value is
main
, which is
the default.
|
| units (Optional) | body | string | The units for the lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| lifetime (Optional) | body | object | The lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| ike_version (Optional) | body | string |
The IKE version. A valid value is
v1
or
v2
. Default is
v1
.
|
{
"ikepolicy "
:
{
"phase1_negotiation_mode "
:
"main "
,
"auth_algorithm "
:
"sha1 "
,
"encryption_algorithm "
:
"aes-128 "
,
"pfs "
:
"group5 "
,
"lifetime "
:
{
"units "
:
"seconds "
,
"value "
:
7200
},
"ike_version "
:
"v1 "
,
"name "
:
"ikepolicy1 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| ikepolicies | body | array |
A list of
ikepolicy
objects.
|
| ikepolicy | body | object |
An
ikepolicy
object.
|
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| auth_algorithm (Optional) | body | string |
The authentication hash algorithm. Valid values
are
sha1
,
sha256
,
sha384
,
sha512
.
The default is
sha1
.
|
| encryption_algorithm (Optional) | body | string |
The encryption algorithm. A valid value is
3des
,
aes-128
,
aes-192
,
aes-256
, and so on.
Default is
aes-128
.
|
| pfs (Optional) | body | string |
Perfect forward secrecy (PFS). A valid value is
Group2
,
Group5
,
Group14
, and so on. Default is
Group5
.
|
| value (Optional) | body | integer | The lifetime value, as a positive integer. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| phase1_negotiation_mode (Optional) | body | string |
The IKE mode. A valid value is
main
, which is
the default.
|
| units (Optional) | body | string | The units for the lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| lifetime (Optional) | body | object | The lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| id | body | string | The ID of the IKE policy. |
| ike_version (Optional) | body | string |
The IKE version. A valid value is
v1
or
v2
. Default is
v1
.
|
{
"ikepolicy "
:
{
"name "
:
"ikepolicy1 "
,
"project_id "
:
"ccb81365fe36411a9011e90491fe1330 "
,
"tenant_id "
:
"ccb81365fe36411a9011e90491fe1330 "
,
"auth_algorithm "
:
"sha1 "
,
"encryption_algorithm "
:
"aes-128 "
,
"pfs "
:
"group5 "
,
"phase1_negotiation_mode "
:
"main "
,
"lifetime "
:
{
"units "
:
"seconds "
,
"value "
:
7200
},
"ike_version "
:
"v1 "
,
"id "
:
"5522aff7-1b3c-48dd-9c3c-b50f016b73db "
,
"description "
:
""
}
}
Shows details for an IKE policy.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| ikepolicy_id | path | string | The ID of the IKE policy. |
| Name | In | Type | Description |
|---|---|---|---|
| ikepolicies | body | array |
A list of
ikepolicy
objects.
|
| ikepolicy | body | object |
An
ikepolicy
object.
|
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| auth_algorithm (Optional) | body | string |
The authentication hash algorithm. Valid values
are
sha1
,
sha256
,
sha384
,
sha512
.
The default is
sha1
.
|
| encryption_algorithm (Optional) | body | string |
The encryption algorithm. A valid value is
3des
,
aes-128
,
aes-192
,
aes-256
, and so on.
Default is
aes-128
.
|
| pfs (Optional) | body | string |
Perfect forward secrecy (PFS). A valid value is
Group2
,
Group5
,
Group14
, and so on. Default is
Group5
.
|
| value (Optional) | body | integer | The lifetime value, as a positive integer. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| phase1_negotiation_mode (Optional) | body | string |
The IKE mode. A valid value is
main
, which is
the default.
|
| units (Optional) | body | string | The units for the lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| lifetime (Optional) | body | object | The lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| id | body | string | The ID of the IKE policy. |
| ike_version (Optional) | body | string |
The IKE version. A valid value is
v1
or
v2
. Default is
v1
.
|
{
"ikepolicy "
:
{
"name "
:
"ikepolicy1 "
,
"project_id "
:
"ccb81365fe36411a9011e90491fe1330 "
,
"tenant_id "
:
"ccb81365fe36411a9011e90491fe1330 "
,
"auth_algorithm "
:
"sha1 "
,
"encryption_algorithm "
:
"aes-256 "
,
"pfs "
:
"group5 "
,
"phase1_negotiation_mode "
:
"main "
,
"lifetime "
:
{
"units "
:
"seconds "
,
"value "
:
3600
},
"ike_version "
:
"v1 "
,
"id "
:
"5522aff7-1b3c-48dd-9c3c-b50f016b73db "
,
"description "
:
""
}
}
Updates policy settings in an IKE policy.
Normal response codes: 200
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| ikepolicy_id | path | string | The ID of the IKE policy. |
| ikepolicy | body | object |
An
ikepolicy
object.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| auth_algorithm (Optional) | body | string |
The authentication hash algorithm. Valid values
are
sha1
,
sha256
,
sha384
,
sha512
.
The default is
sha1
.
|
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| encryption_algorithm (Optional) | body | string |
The encryption algorithm. A valid value is
3des
,
aes-128
,
aes-192
,
aes-256
, and so on.
Default is
aes-128
.
|
| pfs (Optional) | body | string |
Perfect forward secrecy (PFS). A valid value is
Group2
,
Group5
,
Group14
, and so on. Default is
Group5
.
|
| value (Optional) | body | integer | The lifetime value, as a positive integer. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| phase1_negotiation_mode (Optional) | body | string |
The IKE mode. A valid value is
main
, which is
the default.
|
| units (Optional) | body | string | The units for the lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| lifetime (Optional) | body | object | The lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| ike_version (Optional) | body | string |
The IKE version. A valid value is
v1
or
v2
. Default is
v1
.
|
{
"ikepolicy "
:
{
"encryption_algorithm "
:
"aes-256 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| ikepolicies | body | array |
A list of
ikepolicy
objects.
|
| ikepolicy | body | object |
An
ikepolicy
object.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| auth_algorithm (Optional) | body | string |
The authentication hash algorithm. Valid values
are
sha1
,
sha256
,
sha384
,
sha512
.
The default is
sha1
.
|
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| encryption_algorithm (Optional) | body | string |
The encryption algorithm. A valid value is
3des
,
aes-128
,
aes-192
,
aes-256
, and so on.
Default is
aes-128
.
|
| pfs (Optional) | body | string |
Perfect forward secrecy (PFS). A valid value is
Group2
,
Group5
,
Group14
, and so on. Default is
Group5
.
|
| value (Optional) | body | integer | The lifetime value, as a positive integer. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| phase1_negotiation_mode (Optional) | body | string |
The IKE mode. A valid value is
main
, which is
the default.
|
| units (Optional) | body | string | The units for the lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| lifetime (Optional) | body | object | The lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| id | body | string | The ID of the IKE policy. |
| ike_version (Optional) | body | string |
The IKE version. A valid value is
v1
or
v2
. Default is
v1
.
|
{
"ikepolicy "
:
{
"name "
:
"ikepolicy1 "
,
"project_id "
:
"ccb81365fe36411a9011e90491fe1330 "
,
"tenant_id "
:
"ccb81365fe36411a9011e90491fe1330 "
,
"auth_algorithm "
:
"sha1 "
,
"encryption_algorithm "
:
"aes-256 "
,
"pfs "
:
"group5 "
,
"phase1_negotiation_mode "
:
"main "
,
"lifetime "
:
{
"units "
:
"seconds "
,
"value "
:
3600
},
"ike_version "
:
"v1 "
,
"id "
:
"5522aff7-1b3c-48dd-9c3c-b50f016b73db "
,
"description "
:
""
}
}
Removes an IKE policy.
Normal response codes: 204
Error response codes: 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| ikepolicy_id | path | string | The ID of the IKE policy. |
There is no body content for the response of a successful DELETE request.
Lists all IPsec policies.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| ipsecpolicies | body | array |
A list of
ipsecpolicy
objects.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| auth_algorithm (Optional) | body | string |
The authentication hash algorithm. Valid values
are
sha1
,
sha256
,
sha384
,
sha512
.
The default is
sha1
.
|
| encapsulation_mode (Optional) | body | string |
The encapsulation mode. A valid value is
tunnel
or
transport
. Default is
tunnel
.
|
| encryption_algorithm (Optional) | body | string |
The encryption algorithm. A valid value is
3des
,
aes-128
,
aes-192
,
aes-256
, and so on.
Default is
aes-128
.
|
| pfs (Optional) | body | string |
Perfect forward secrecy (PFS). A valid value is
Group2
,
Group5
,
Group14
, and so on. Default is
Group5
.
|
| value (Optional) | body | integer | The lifetime value, as a positive integer. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| transform_protocol (Optional) | body | string |
The transform protocol. A valid value is
ESP
,
AH
, or
AH-
ESP
. Default is
ESP
.
|
| units (Optional) | body | string | The units for the lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| lifetime (Optional) | body | object | The lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| id | body | string | The ID of the IPsec policy. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
{
"ipsecpolicies "
:
[
{
"name "
:
"ipsecpolicy1 "
,
"transform_protocol "
:
"esp "
,
"auth_algorithm "
:
"sha1 "
,
"encapsulation_mode "
:
"tunnel "
,
"encryption_algorithm "
:
"aes-128 "
,
"pfs "
:
"group14 "
,
"project_id "
:
"ccb81365fe36411a9011e90491fe1330 "
,
"tenant_id "
:
"ccb81365fe36411a9011e90491fe1330 "
,
"lifetime "
:
{
"units "
:
"seconds "
,
"value "
:
3600
},
"id "
:
"5291b189-fd84-46e5-84bd-78f40c05d69c "
,
"description "
:
""
}
]
}
Creates an IP security (IPsec) policy.
The IPsec policy specifies the authentication and encryption algorithms and encapsulation mode to use for the established VPN connection.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| ipsecpolicy | body | object |
An
ipsecpolicy
object.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| auth_algorithm (Optional) | body | string |
The authentication hash algorithm. Valid values
are
sha1
,
sha256
,
sha384
,
sha512
.
The default is
sha1
.
|
| encapsulation_mode (Optional) | body | string |
The encapsulation mode. A valid value is
tunnel
or
transport
. Default is
tunnel
.
|
| encryption_algorithm (Optional) | body | string |
The encryption algorithm. A valid value is
3des
,
aes-128
,
aes-192
,
aes-256
, and so on.
Default is
aes-128
.
|
| pfs (Optional) | body | string |
Perfect forward secrecy (PFS). A valid value is
Group2
,
Group5
,
Group14
, and so on. Default is
Group5
.
|
| value (Optional) | body | integer | The lifetime value, as a positive integer. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| transform_protocol (Optional) | body | string |
The transform protocol. A valid value is
ESP
,
AH
, or
AH-
ESP
. Default is
ESP
.
|
| units (Optional) | body | string | The units for the lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| lifetime (Optional) | body | object | The lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
{
"ipsecpolicy "
:
{
"name "
:
"ipsecpolicy1 "
,
"transform_protocol "
:
"esp "
,
"auth_algorithm "
:
"sha1 "
,
"encapsulation_mode "
:
"tunnel "
,
"encryption_algorithm "
:
"aes-128 "
,
"pfs "
:
"group5 "
,
"lifetime "
:
{
"units "
:
"seconds "
,
"value "
:
7200
}
}
}
| Name | In | Type | Description |
|---|---|---|---|
| ipsecpolicies | body | array |
A list of
ipsecpolicy
objects.
|
| ipsecpolicy | body | object |
An
ipsecpolicy
object.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| auth_algorithm (Optional) | body | string |
The authentication hash algorithm. Valid values
are
sha1
,
sha256
,
sha384
,
sha512
.
The default is
sha1
.
|
| encapsulation_mode (Optional) | body | string |
The encapsulation mode. A valid value is
tunnel
or
transport
. Default is
tunnel
.
|
| encryption_algorithm (Optional) | body | string |
The encryption algorithm. A valid value is
3des
,
aes-128
,
aes-192
,
aes-256
, and so on.
Default is
aes-128
.
|
| pfs (Optional) | body | string |
Perfect forward secrecy (PFS). A valid value is
Group2
,
Group5
,
Group14
, and so on. Default is
Group5
.
|
| value (Optional) | body | integer | The lifetime value, as a positive integer. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| transform_protocol (Optional) | body | string |
The transform protocol. A valid value is
ESP
,
AH
, or
AH-
ESP
. Default is
ESP
.
|
| units (Optional) | body | string | The units for the lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| lifetime (Optional) | body | object | The lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| id | body | string | The ID of the IPsec policy. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
{
"ipsecpolicy "
:
{
"name "
:
"ipsecpolicy1 "
,
"transform_protocol "
:
"esp "
,
"auth_algorithm "
:
"sha1 "
,
"encapsulation_mode "
:
"tunnel "
,
"encryption_algorithm "
:
"aes-128 "
,
"pfs "
:
"group5 "
,
"project_id "
:
"ccb81365fe36411a9011e90491fe1330 "
,
"tenant_id "
:
"ccb81365fe36411a9011e90491fe1330 "
,
"lifetime "
:
{
"units "
:
"seconds "
,
"value "
:
7200
},
"id "
:
"5291b189-fd84-46e5-84bd-78f40c05d69c "
,
"description "
:
""
}
}
Shows details for an IPsec policy.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| ipsecpolicy_id | path | string | The ID of the IPsec policy. |
| Name | In | Type | Description |
|---|---|---|---|
| ipsecpolicies | body | array |
A list of
ipsecpolicy
objects.
|
| ipsecpolicy | body | object |
An
ipsecpolicy
object.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| auth_algorithm (Optional) | body | string |
The authentication hash algorithm. Valid values
are
sha1
,
sha256
,
sha384
,
sha512
.
The default is
sha1
.
|
| encapsulation_mode (Optional) | body | string |
The encapsulation mode. A valid value is
tunnel
or
transport
. Default is
tunnel
.
|
| encryption_algorithm (Optional) | body | string |
The encryption algorithm. A valid value is
3des
,
aes-128
,
aes-192
,
aes-256
, and so on.
Default is
aes-128
.
|
| pfs (Optional) | body | string |
Perfect forward secrecy (PFS). A valid value is
Group2
,
Group5
,
Group14
, and so on. Default is
Group5
.
|
| value (Optional) | body | integer | The lifetime value, as a positive integer. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| transform_protocol (Optional) | body | string |
The transform protocol. A valid value is
ESP
,
AH
, or
AH-
ESP
. Default is
ESP
.
|
| units (Optional) | body | string | The units for the lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| lifetime (Optional) | body | object | The lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| id | body | string | The ID of the IPsec policy. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
{
"ipsecpolicy "
:
{
"name "
:
"ipsecpolicy1 "
,
"transform_protocol "
:
"esp "
,
"auth_algorithm "
:
"sha1 "
,
"encapsulation_mode "
:
"tunnel "
,
"encryption_algorithm "
:
"aes-128 "
,
"pfs "
:
"group14 "
,
"project_id "
:
"ccb81365fe36411a9011e90491fe1330 "
,
"tenant_id "
:
"ccb81365fe36411a9011e90491fe1330 "
,
"lifetime "
:
{
"units "
:
"seconds "
,
"value "
:
3600
},
"id "
:
"5291b189-fd84-46e5-84bd-78f40c05d69c "
,
"description "
:
""
}
}
Updates policy settings in an IPsec policy.
Normal response codes: 200
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| ipsecpolicy_id | path | string | The ID of the IPsec policy. |
| ipsecpolicy | body | object |
An
ipsecpolicy
object.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| transform_protocol (Optional) | body | string |
The transform protocol. A valid value is
ESP
,
AH
, or
AH-
ESP
. Default is
ESP
.
|
| auth_algorithm (Optional) | body | string |
The authentication hash algorithm. Valid values
are
sha1
,
sha256
,
sha384
,
sha512
.
The default is
sha1
.
|
| encapsulation_mode (Optional) | body | string |
The encapsulation mode. A valid value is
tunnel
or
transport
. Default is
tunnel
.
|
| encryption_algorithm (Optional) | body | string |
The encryption algorithm. A valid value is
3des
,
aes-128
,
aes-192
,
aes-256
, and so on.
Default is
aes-128
.
|
| pfs (Optional) | body | string |
Perfect forward secrecy (PFS). A valid value is
Group2
,
Group5
,
Group14
, and so on. Default is
Group5
.
|
| value (Optional) | body | integer | The lifetime value, as a positive integer. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| units (Optional) | body | string | The units for the lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| lifetime (Optional) | body | object | The lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
{
"ipsecpolicy "
:
{
"pfs "
:
"group14 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| ipsecpolicies | body | array |
A list of
ipsecpolicy
objects.
|
| ipsecpolicy | body | object |
An
ipsecpolicy
object.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| auth_algorithm (Optional) | body | string |
The authentication hash algorithm. Valid values
are
sha1
,
sha256
,
sha384
,
sha512
.
The default is
sha1
.
|
| encapsulation_mode (Optional) | body | string |
The encapsulation mode. A valid value is
tunnel
or
transport
. Default is
tunnel
.
|
| encryption_algorithm (Optional) | body | string |
The encryption algorithm. A valid value is
3des
,
aes-128
,
aes-192
,
aes-256
, and so on.
Default is
aes-128
.
|
| pfs (Optional) | body | string |
Perfect forward secrecy (PFS). A valid value is
Group2
,
Group5
,
Group14
, and so on. Default is
Group5
.
|
| value (Optional) | body | integer | The lifetime value, as a positive integer. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| transform_protocol (Optional) | body | string |
The transform protocol. A valid value is
ESP
,
AH
, or
AH-
ESP
. Default is
ESP
.
|
| units (Optional) | body | string | The units for the lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| lifetime (Optional) | body | object | The lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
| id | body | string | The ID of the IPsec policy. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
{
"ipsecpolicy "
:
{
"name "
:
"ipsecpolicy1 "
,
"transform_protocol "
:
"esp "
,
"auth_algorithm "
:
"sha1 "
,
"encapsulation_mode "
:
"tunnel "
,
"encryption_algorithm "
:
"aes-128 "
,
"pfs "
:
"group14 "
,
"project_id "
:
"ccb81365fe36411a9011e90491fe1330 "
,
"tenant_id "
:
"ccb81365fe36411a9011e90491fe1330 "
,
"lifetime "
:
{
"units "
:
"seconds "
,
"value "
:
3600
},
"id "
:
"5291b189-fd84-46e5-84bd-78f40c05d69c "
,
"description "
:
""
}
}
Removes an IPsec policy.
Normal response codes: 204
Error response codes: 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| ipsecpolicy_id | path | string | The ID of the IPsec policy. |
There is no body content for the response of a successful DELETE request.
Lists all IPsec connections.
Use the
fields
query parameter to control which fields are
returned in the response body. For information, see Filtering and
Column Selection
.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| auth_mode (Optional) | body | string |
The authentication mode. A valid value is
psk
, which is the default.
|
| ikepolicy_id | body | string | The ID of the IKE policy. |
| vpnservice_id | body | string | The ID of the VPN service. |
| local_ep_group_id (Optional) | body | string |
The ID for the endpoint group that contains
private subnets for the local side of the connection. Yo must
specify this parameter with the
peer_ep_group_id
parameter
unless in backward- compatible mode where
peer_cidrs
is
provided with a
subnet_id
for the VPN service.
|
| peer_address | body | string | The peer gateway public IPv4 or IPv6 address or FQDN. |
| id (Optional) | body | string | The ID of the IPsec site-to-site connection. |
| route_mode (Optional) | body | string |
The route mode. A valid value is
static
,
which is the default.
|
| ipsecpolicy_id | body | string | The ID of the IPsec policy. |
| peer_id | body | string |
The peer router identity for authentication. A
valid value is an IPv4 address, IPv6 address, e-mail address, key
ID, or FQDN. Typically, this value matches the
peer_address
value.
|
| status | body | string |
Indicates whether the IPsec connection is
currently operational. Values are
ACTIVE
,
DOWN
,
BUILD
,
ERROR
,
PENDING_CREATE
,
PENDING_UPDATE
, or
PENDING_DELETE
.
|
| psk | body | string | The pre-shared key. A valid value is any string. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| initiator (Optional) | body | string |
Indicates whether this VPN can only respond to
connections or both respond to and initiate connections. A valid
value is
response-
only
or
bi-directional
. Default is
bi-directional
.
|
| peer_cidrs (Optional) | body | array | (Deprecated) Unique list of valid peer private CIDRs in the form <net_address >/ <prefix >. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| interval (Optional) | body | integer | The dead peer detection (DPD) interval, in seconds. A valid value is a positive integer. Default is 30. |
| mtu | body | integer | The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6. |
| peer_ep_group_id (Optional) | body | string |
The ID for the endpoint group that contains
private CIDRs in the form <net_address >/ <prefix >for the
peer side of the connection. You must specify this parameter with
the
local_ep_group_id
parameter unless in backward-compatible
mode where
peer_cidrs
is provided with a
subnet_id
for the
VPN service.
|
| dpd (Optional) | body | object | A dictionary with dead peer detection (DPD) protocol controls. |
| timeout | body | integer |
The dead peer detection (DPD) timeout in seconds.
A valid value is a positive integer that is greater than the DPD
interval
value. Default is 120.
|
| action | body | string |
The dead peer detection (DPD) action. A valid
value is
clear
,
hold
,
restart
,
disabled
, or
restart-by-peer
. Default value is
hold
.
|
| local_id (Optional) | body | string | An ID to be used instead of the external IP address for a virtual router used in traffic between instances on different networks in east-west traffic. Most often, local ID would be domain name, email address, etc. If this is not configured then the external IP address will be used as the ID. |
{
"ipsec_site_connections "
:
[
{
"status "
:
"PENDING CREATE "
,
"psk "
:
"secret "
,
"initiator "
:
"bi-directional "
,
"name "
:
"vpnconnection1 "
,
"admin_state_up "
:
true
,
"project_id "
:
"10039663455a446d8ba2cbb058b0f578 "
,
"tenant_id "
:
"10039663455a446d8ba2cbb058b0f578 "
,
"auth_mode "
:
"psk "
,
"peer_cidrs "
:
[],
"mtu "
:
1500
,
"peer_ep_group_id "
:
"9ad5a7e0-6dac-41b4-b20d-a7b8645fddf1 "
,
"ikepolicy_id "
:
"9b00d6b0-6c93-4ca5-9747-b8ade7bb514f "
,
"vpnservice_id "
:
"5c561d9d-eaea-45f6-ae3e-08d1a7080828 "
,
"dpd "
:
{
"action "
:
"hold "
,
"interval "
:
30
,
"timeout "
:
120
},
"route_mode "
:
"static "
,
"ipsecpolicy_id "
:
"e6e23d0c-9519-4d52-8ea4-5b1f96d857b1 "
,
"local_ep_group_id "
:
"3e1815dd-e212-43d0-8f13-b494fa553e68 "
,
"peer_address "
:
"172.24.4.226 "
,
"peer_id "
:
"172.24.4.226 "
,
"id "
:
"851f280f-5639-4ea3-81aa-e298525ab74b "
,
"description "
:
""
}
]
}
Creates a site-to-site IPsec connection for a service.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| ipsec_site_connection | body | object |
An
ipsec_site_connection
object.
|
| auth_mode (Optional) | body | string |
The authentication mode. A valid value is
psk
, which is the default.
|
| ikepolicy_id (Optional) | body | string | The ID of the IKE policy. |
| vpnservice_id (Optional) | body | string | The ID of the VPN service. |
| local_ep_group_id (Optional) | body | string |
The ID for the endpoint group that contains
private subnets for the local side of the connection. Yo must
specify this parameter with the
peer_ep_group_id
parameter
unless in backward- compatible mode where
peer_cidrs
is
provided with a
subnet_id
for the VPN service.
|
| peer_address | body | string | The peer gateway public IPv4 or IPv6 address or FQDN. |
| route_mode (Optional) | body | string |
The route mode. A valid value is
static
,
which is the default.
|
| ipsecpolicy_id (Optional) | body | string | The ID of the IPsec policy. |
| peer_id | body | string |
The peer router identity for authentication. A
valid value is an IPv4 address, IPv6 address, e-mail address, key
ID, or FQDN. Typically, this value matches the
peer_address
value.
|
| psk | body | string | The pre-shared key. A valid value is any string. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| initiator (Optional) | body | string |
Indicates whether this VPN can only respond to
connections or both respond to and initiate connections. A valid
value is
response-
only
or
bi-directional
. Default is
bi-directional
.
|
| peer_cidrs (Optional) | body | array | (Deprecated) Unique list of valid peer private CIDRs in the form <net_address >/ <prefix >. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| interval (Optional) | body | integer | The dead peer detection (DPD) interval, in seconds. A valid value is a positive integer. Default is 30. |
| mtu | body | integer | The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6. |
| peer_ep_group_id (Optional) | body | string |
The ID for the endpoint group that contains
private CIDRs in the form <net_address >/ <prefix >for the
peer side of the connection. You must specify this parameter with
the
local_ep_group_id
parameter unless in backward-compatible
mode where
peer_cidrs
is provided with a
subnet_id
for the
VPN service.
|
| dpd (Optional) | body | object | A dictionary with dead peer detection (DPD) protocol controls. |
| timeout | body | integer |
The dead peer detection (DPD) timeout in seconds.
A valid value is a positive integer that is greater than the DPD
interval
value. Default is 120.
|
| action | body | string |
The dead peer detection (DPD) action. A valid
value is
clear
,
hold
,
restart
,
disabled
, or
restart-by-peer
. Default value is
hold
.
|
| local_id (Optional) | body | string | An ID to be used instead of the external IP address for a virtual router used in traffic between instances on different networks in east-west traffic. Most often, local ID would be domain name, email address, etc. If this is not configured then the external IP address will be used as the ID. |
{
"ipsec_site_connection "
:
{
"psk "
:
"secret "
,
"initiator "
:
"bi-directional "
,
"ipsecpolicy_id "
:
"e6e23d0c-9519-4d52-8ea4-5b1f96d857b1 "
,
"admin_state_up "
:
true
,
"mtu "
:
"1500 "
,
"peer_ep_group_id "
:
"9ad5a7e0-6dac-41b4-b20d-a7b8645fddf1 "
,
"ikepolicy_id "
:
"9b00d6b0-6c93-4ca5-9747-b8ade7bb514f "
,
"vpnservice_id "
:
"5c561d9d-eaea-45f6-ae3e-08d1a7080828 "
,
"local_ep_group_id "
:
"3e1815dd-e212-43d0-8f13-b494fa553e68 "
,
"peer_address "
:
"172.24.4.233 "
,
"peer_id "
:
"172.24.4.233 "
,
"name "
:
"vpnconnection1 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| ipsec_site_connection | body | object |
An
ipsec_site_connection
object.
|
| auth_mode (Optional) | body | string |
The authentication mode. A valid value is
psk
, which is the default.
|
| ikepolicy_id | body | string | The ID of the IKE policy. |
| vpnservice_id | body | string | The ID of the VPN service. |
| local_ep_group_id (Optional) | body | string |
The ID for the endpoint group that contains
private subnets for the local side of the connection. Yo must
specify this parameter with the
peer_ep_group_id
parameter
unless in backward- compatible mode where
peer_cidrs
is
provided with a
subnet_id
for the VPN service.
|
| peer_address | body | string | The peer gateway public IPv4 or IPv6 address or FQDN. |
| id (Optional) | body | string | The ID of the IPsec site-to-site connection. |
| route_mode (Optional) | body | string |
The route mode. A valid value is
static
,
which is the default.
|
| ipsecpolicy_id | body | string | The ID of the IPsec policy. |
| peer_id | body | string |
The peer router identity for authentication. A
valid value is an IPv4 address, IPv6 address, e-mail address, key
ID, or FQDN. Typically, this value matches the
peer_address
value.
|
| status | body | string |
Indicates whether the IPsec connection is
currently operational. Values are
ACTIVE
,
DOWN
,
BUILD
,
ERROR
,
PENDING_CREATE
,
PENDING_UPDATE
, or
PENDING_DELETE
.
|
| psk | body | string | The pre-shared key. A valid value is any string. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| initiator (Optional) | body | string |
Indicates whether this VPN can only respond to
connections or both respond to and initiate connections. A valid
value is
response-
only
or
bi-directional
. Default is
bi-directional
.
|
| peer_cidrs (Optional) | body | array | (Deprecated) Unique list of valid peer private CIDRs in the form <net_address >/ <prefix >. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| interval (Optional) | body | integer | The dead peer detection (DPD) interval, in seconds. A valid value is a positive integer. Default is 30. |
| mtu | body | integer | The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6. |
| peer_ep_group_id (Optional) | body | string |
The ID for the endpoint group that contains
private CIDRs in the form <net_address >/ <prefix >for the
peer side of the connection. You must specify this parameter with
the
local_ep_group_id
parameter unless in backward-compatible
mode where
peer_cidrs
is provided with a
subnet_id
for the
VPN service.
|
| dpd (Optional) | body | object | A dictionary with dead peer detection (DPD) protocol controls. |
| timeout | body | integer |
The dead peer detection (DPD) timeout in seconds.
A valid value is a positive integer that is greater than the DPD
interval
value. Default is 120.
|
| action | body | string |
The dead peer detection (DPD) action. A valid
value is
clear
,
hold
,
restart
,
disabled
, or
restart-by-peer
. Default value is
hold
.
|
| local_id (Optional) | body | string | An ID to be used instead of the external IP address for a virtual router used in traffic between instances on different networks in east-west traffic. Most often, local ID would be domain name, email address, etc. If this is not configured then the external IP address will be used as the ID. |
{
"ipsec_site_connection "
:
{
"status "
:
"PENDING_CREATE "
,
"psk "
:
"secret "
,
"initiator "
:
"bi-directional "
,
"name "
:
"vpnconnection1 "
,
"admin_state_up "
:
true
,
"project_id "
:
"10039663455a446d8ba2cbb058b0f578 "
,
"tenant_id "
:
"10039663455a446d8ba2cbb058b0f578 "
,
"auth_mode "
:
"psk "
,
"peer_cidrs "
:
[],
"mtu "
:
1500
,
"peer_ep_group_id "
:
"9ad5a7e0-6dac-41b4-b20d-a7b8645fddf1 "
,
"ikepolicy_id "
:
"9b00d6b0-6c93-4ca5-9747-b8ade7bb514f "
,
"vpnservice_id "
:
"5c561d9d-eaea-45f6-ae3e-08d1a7080828 "
,
"dpd "
:
{
"action "
:
"hold "
,
"interval "
:
30
,
"timeout "
:
120
},
"route_mode "
:
"static "
,
"ipsecpolicy_id "
:
"e6e23d0c-9519-4d52-8ea4-5b1f96d857b1 "
,
"local_ep_group_id "
:
"3e1815dd-e212-43d0-8f13-b494fa553e68 "
,
"peer_address "
:
"172.24.4.233 "
,
"peer_id "
:
"172.24.4.233 "
,
"id "
:
"851f280f-5639-4ea3-81aa-e298525ab74b "
,
"description "
:
""
}
}
Shows details for an IPsec connection.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| connection_id | path | string | The ID of the IPsec site-to-site connection. |
| Name | In | Type | Description |
|---|---|---|---|
| auth_mode (Optional) | body | string |
The authentication mode. A valid value is
psk
, which is the default.
|
| ikepolicy_id | body | string | The ID of the IKE policy. |
| vpnservice_id | body | string | The ID of the VPN service. |
| local_ep_group_id (Optional) | body | string |
The ID for the endpoint group that contains
private subnets for the local side of the connection. Yo must
specify this parameter with the
peer_ep_group_id
parameter
unless in backward- compatible mode where
peer_cidrs
is
provided with a
subnet_id
for the VPN service.
|
| peer_address | body | string | The peer gateway public IPv4 or IPv6 address or FQDN. |
| id (Optional) | body | string | The ID of the IPsec site-to-site connection. |
| ipsec_site_connection | body | object |
An
ipsec_site_connection
object.
|
| route_mode (Optional) | body | string |
The route mode. A valid value is
static
,
which is the default.
|
| ipsecpolicy_id | body | string | The ID of the IPsec policy. |
| peer_id | body | string |
The peer router identity for authentication. A
valid value is an IPv4 address, IPv6 address, e-mail address, key
ID, or FQDN. Typically, this value matches the
peer_address
value.
|
| status | body | string |
Indicates whether the IPsec connection is
currently operational. Values are
ACTIVE
,
DOWN
,
BUILD
,
ERROR
,
PENDING_CREATE
,
PENDING_UPDATE
, or
PENDING_DELETE
.
|
| psk | body | string | The pre-shared key. A valid value is any string. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| initiator (Optional) | body | string |
Indicates whether this VPN can only respond to
connections or both respond to and initiate connections. A valid
value is
response-
only
or
bi-directional
. Default is
bi-directional
.
|
| peer_cidrs (Optional) | body | array | (Deprecated) Unique list of valid peer private CIDRs in the form <net_address >/ <prefix >. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| interval (Optional) | body | integer | The dead peer detection (DPD) interval, in seconds. A valid value is a positive integer. Default is 30. |
| mtu | body | integer | The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6. |
| peer_ep_group_id (Optional) | body | string |
The ID for the endpoint group that contains
private CIDRs in the form <net_address >/ <prefix >for the
peer side of the connection. You must specify this parameter with
the
local_ep_group_id
parameter unless in backward-compatible
mode where
peer_cidrs
is provided with a
subnet_id
for the
VPN service.
|
| dpd (Optional) | body | object | A dictionary with dead peer detection (DPD) protocol controls. |
| timeout | body | integer |
The dead peer detection (DPD) timeout in seconds.
A valid value is a positive integer that is greater than the DPD
interval
value. Default is 120.
|
| action | body | string |
The dead peer detection (DPD) action. A valid
value is
clear
,
hold
,
restart
,
disabled
, or
restart-by-peer
. Default value is
hold
.
|
| local_id (Optional) | body | string | An ID to be used instead of the external IP address for a virtual router used in traffic between instances on different networks in east-west traffic. Most often, local ID would be domain name, email address, etc. If this is not configured then the external IP address will be used as the ID. |
{
"ipsec_site_connection "
:
{
"status "
:
"DOWN "
,
"psk "
:
"secret "
,
"initiator "
:
"bi-directional "
,
"name "
:
"vpnconnection1 "
,
"admin_state_up "
:
true
,
"project_id "
:
"10039663455a446d8ba2cbb058b0f578 "
,
"tenant_id "
:
"10039663455a446d8ba2cbb058b0f578 "
,
"auth_mode "
:
"psk "
,
"peer_cidrs "
:
[],
"mtu "
:
1500
,
"peer_ep_group_id "
:
"9ad5a7e0-6dac-41b4-b20d-a7b8645fddf1 "
,
"ikepolicy_id "
:
"9b00d6b0-6c93-4ca5-9747-b8ade7bb514f "
,
"vpnservice_id "
:
"5c561d9d-eaea-45f6-ae3e-08d1a7080828 "
,
"dpd "
:
{
"action "
:
"hold "
,
"interval "
:
30
,
"timeout "
:
120
},
"route_mode "
:
"static "
,
"ipsecpolicy_id "
:
"e6e23d0c-9519-4d52-8ea4-5b1f96d857b1 "
,
"local_ep_group_id "
:
"3e1815dd-e212-43d0-8f13-b494fa553e68 "
,
"peer_address "
:
"172.24.4.226 "
,
"peer_id "
:
"172.24.4.226 "
,
"id "
:
"851f280f-5639-4ea3-81aa-e298525ab74b "
,
"description "
:
""
}
}
Updates connection settings for an IPsec connection.
Normal response codes: 200
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| connection_id | path | string | The ID of the IPsec site-to-site connection. |
| ipsec_site_connection | body | object |
An
ipsec_site_connection
object.
|
| psk | body | string | The pre-shared key. A valid value is any string. |
| initiator (Optional) | body | string |
Indicates whether this VPN can only respond to
connections or both respond to and initiate connections. A valid
value is
response-
only
or
bi-directional
. Default is
bi-directional
.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| interval (Optional) | body | integer | The dead peer detection (DPD) interval, in seconds. A valid value is a positive integer. Default is 30. |
| peer_cidrs (Optional) | body | array | (Deprecated) Unique list of valid peer private CIDRs in the form <net_address >/ <prefix >. |
| mtu | body | integer | The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6. |
| peer_ep_group_id (Optional) | body | string |
The ID for the endpoint group that contains
private CIDRs in the form <net_address >/ <prefix >for the
peer side of the connection. You must specify this parameter with
the
local_ep_group_id
parameter unless in backward-compatible
mode where
peer_cidrs
is provided with a
subnet_id
for the
VPN service.
|
| local_ep_group_id (Optional) | body | string |
The ID for the endpoint group that contains
private subnets for the local side of the connection. Yo must
specify this parameter with the
peer_ep_group_id
parameter
unless in backward- compatible mode where
peer_cidrs
is
provided with a
subnet_id
for the VPN service.
|
| dpd (Optional) | body | object | A dictionary with dead peer detection (DPD) protocol controls. |
| timeout | body | integer |
The dead peer detection (DPD) timeout in seconds.
A valid value is a positive integer that is greater than the DPD
interval
value. Default is 120.
|
| action | body | string |
The dead peer detection (DPD) action. A valid
value is
clear
,
hold
,
restart
,
disabled
, or
restart-by-peer
. Default value is
hold
.
|
| peer_address | body | string | The peer gateway public IPv4 or IPv6 address or FQDN. |
| peer_id | body | string |
The peer router identity for authentication. A
valid value is an IPv4 address, IPv6 address, e-mail address, key
ID, or FQDN. Typically, this value matches the
peer_address
value.
|
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| local_id (Optional) | body | string | An ID to be used instead of the external IP address for a virtual router used in traffic between instances on different networks in east-west traffic. Most often, local ID would be domain name, email address, etc. If this is not configured then the external IP address will be used as the ID. |
{
"ipsec_site_connection "
:
{
"mtu "
:
"2000 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| auth_mode (Optional) | body | string |
The authentication mode. A valid value is
psk
, which is the default.
|
| ikepolicy_id | body | string | The ID of the IKE policy. |
| vpnservice_id | body | string | The ID of the VPN service. |
| local_ep_group_id (Optional) | body | string |
The ID for the endpoint group that contains
private subnets for the local side of the connection. Yo must
specify this parameter with the
peer_ep_group_id
parameter
unless in backward- compatible mode where
peer_cidrs
is
provided with a
subnet_id
for the VPN service.
|
| peer_address | body | string | The peer gateway public IPv4 or IPv6 address or FQDN. |
| id (Optional) | body | string | The ID of the IPsec site-to-site connection. |
| ipsec_site_connection | body | object |
An
ipsec_site_connection
object.
|
| route_mode (Optional) | body | string |
The route mode. A valid value is
static
,
which is the default.
|
| ipsecpolicy_id | body | string | The ID of the IPsec policy. |
| peer_id | body | string |
The peer router identity for authentication. A
valid value is an IPv4 address, IPv6 address, e-mail address, key
ID, or FQDN. Typically, this value matches the
peer_address
value.
|
| status | body | string |
Indicates whether the IPsec connection is
currently operational. Values are
ACTIVE
,
DOWN
,
BUILD
,
ERROR
,
PENDING_CREATE
,
PENDING_UPDATE
, or
PENDING_DELETE
.
|
| psk | body | string | The pre-shared key. A valid value is any string. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| initiator (Optional) | body | string |
Indicates whether this VPN can only respond to
connections or both respond to and initiate connections. A valid
value is
response-
only
or
bi-directional
. Default is
bi-directional
.
|
| peer_cidrs (Optional) | body | array | (Deprecated) Unique list of valid peer private CIDRs in the form <net_address >/ <prefix >. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| interval (Optional) | body | integer | The dead peer detection (DPD) interval, in seconds. A valid value is a positive integer. Default is 30. |
| mtu | body | integer | The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6. |
| peer_ep_group_id (Optional) | body | string |
The ID for the endpoint group that contains
private CIDRs in the form <net_address >/ <prefix >for the
peer side of the connection. You must specify this parameter with
the
local_ep_group_id
parameter unless in backward-compatible
mode where
peer_cidrs
is provided with a
subnet_id
for the
VPN service.
|
| dpd (Optional) | body | object | A dictionary with dead peer detection (DPD) protocol controls. |
| timeout | body | integer |
The dead peer detection (DPD) timeout in seconds.
A valid value is a positive integer that is greater than the DPD
interval
value. Default is 120.
|
| action | body | string |
The dead peer detection (DPD) action. A valid
value is
clear
,
hold
,
restart
,
disabled
, or
restart-by-peer
. Default value is
hold
.
|
| local_id (Optional) | body | string | An ID to be used instead of the external IP address for a virtual router used in traffic between instances on different networks in east-west traffic. Most often, local ID would be domain name, email address, etc. If this is not configured then the external IP address will be used as the ID. |
{
"ipsec_site_connection "
:
{
"status "
:
"DOWN "
,
"psk "
:
"secret "
,
"initiator "
:
"bi-directional "
,
"name "
:
"vpnconnection1 "
,
"admin_state_up "
:
true
,
"project_id "
:
"10039663455a446d8ba2cbb058b0f578 "
,
"tenant_id "
:
"10039663455a446d8ba2cbb058b0f578 "
,
"auth_mode "
:
"psk "
,
"peer_cidrs "
:
[],
"mtu "
:
2000
,
"peer_ep_group_id "
:
"9ad5a7e0-6dac-41b4-b20d-a7b8645fddf1 "
,
"ikepolicy_id "
:
"9b00d6b0-6c93-4ca5-9747-b8ade7bb514f "
,
"vpnservice_id "
:
"5c561d9d-eaea-45f6-ae3e-08d1a7080828 "
,
"dpd "
:
{
"action "
:
"hold "
,
"interval "
:
30
,
"timeout "
:
120
},
"route_mode "
:
"static "
,
"ipsecpolicy_id "
:
"e6e23d0c-9519-4d52-8ea4-5b1f96d857b1 "
,
"local_ep_group_id "
:
"3e1815dd-e212-43d0-8f13-b494fa553e68 "
,
"peer_address "
:
"172.24.4.233 "
,
"peer_id "
:
"172.24.4.233 "
,
"id "
:
"851f280f-5639-4ea3-81aa-e298525ab74b "
,
"description "
:
"New description "
}
}
Removes an IPsec connection.
Normal response codes: 204
Error response codes: 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| connection_id | path | string | The ID of the IPsec site-to-site connection. |
There is no body content for the response of a successful DELETE request.
Lists VPN endpoint groups.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| endpoints | body | array | List of endpoints of the same type, for the endpoint group. The values will depend on type. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| type | body | string |
The type of the endpoints in the group. A valid
value is
subnet
,
cidr
,
network
,
router
, or
vlan
. Only
subnet
and
cidr
are supported
at this moment.
|
| id | body | string | The ID of the VPN endpoint group. |
{
"endpoint_groups "
:
[
{
"description "
:
""
,
"project_id "
:
"4ad57e7ce0b24fca8f12b9834d91079d "
,
"tenant_id "
:
"4ad57e7ce0b24fca8f12b9834d91079d "
,
"endpoints "
:
[
"a3da778c-adfb-46db-88b3-d2ce53290a89 "
],
"type "
:
"subnet "
,
"id "
:
"6bf34c7c-864c-4948-a6d4-db791669f9d4 "
,
"name "
:
"locals "
},
{
"description "
:
""
,
"project_id "
:
"4ad57e7ce0b24fca8f12b9834d91079d "
,
"tenant_id "
:
"4ad57e7ce0b24fca8f12b9834d91079d "
,
"endpoints "
:
[
"10.2.0.0/24 "
,
"10.3.0.0/24 "
],
"type "
:
"cidr "
,
"id "
:
"6ecd9cf3-ca64-46c7-863f-f2eb1b9e838a "
,
"name "
:
"peers "
}
]
}
Creates a VPN endpoint group.
The endpoint group contains one or more endpoints of a specific type that you can use to create a VPN connections.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| endpoints | body | array | List of endpoints of the same type, for the endpoint group. The values will depend on type. |
| type | body | string |
The type of the endpoints in the group. A valid
value is
subnet
,
cidr
,
network
,
router
, or
vlan
. Only
subnet
and
cidr
are supported
at this moment.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
{
"endpoint_group "
:
{
"endpoints "
:
[
"10.2.0.0/24 "
,
"10.3.0.0/24 "
],
"type "
:
"cidr "
,
"name "
:
"peers "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| endpoints | body | array | List of endpoints of the same type, for the endpoint group. The values will depend on type. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| type | body | string |
The type of the endpoints in the group. A valid
value is
subnet
,
cidr
,
network
,
router
, or
vlan
. Only
subnet
and
cidr
are supported
at this moment.
|
| id | body | string | The ID of the VPN endpoint group. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
{
"endpoint_group "
:
{
"description "
:
""
,
"project_id "
:
"4ad57e7ce0b24fca8f12b9834d91079d "
,
"tenant_id "
:
"4ad57e7ce0b24fca8f12b9834d91079d "
,
"endpoints "
:
[
"10.2.0.0/24 "
,
"10.3.0.0/24 "
],
"type "
:
"cidr "
,
"id "
:
"6ecd9cf3-ca64-46c7-863f-f2eb1b9e838a "
,
"name "
:
"peers "
}
}
Shows details for a VPN endpoint group.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| endpoint_group_id | path | string | The ID of the VPN endpoint group. |
| Name | In | Type | Description |
|---|---|---|---|
| endpoints | body | array | List of endpoints of the same type, for the endpoint group. The values will depend on type. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| type | body | string |
The type of the endpoints in the group. A valid
value is
subnet
,
cidr
,
network
,
router
, or
vlan
. Only
subnet
and
cidr
are supported
at this moment.
|
| id | body | string | The ID of the VPN endpoint group. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
{
"endpoint_group "
:
{
"description "
:
""
,
"project_id "
:
"4ad57e7ce0b24fca8f12b9834d91079d "
,
"tenant_id "
:
"4ad57e7ce0b24fca8f12b9834d91079d "
,
"endpoints "
:
[
"10.2.0.0/24 "
,
"10.3.0.0/24 "
],
"type "
:
"cidr "
,
"id "
:
"6ecd9cf3-ca64-46c7-863f-f2eb1b9e838a "
,
"name "
:
"peers "
}
}
Updates settings for a VPN endpoint group.
Normal response codes: 200
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| endpoint_group_id | path | string | The ID of the VPN endpoint group. |
{
"endpoint_group "
:
{
"description "
:
"New description "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| endpoints | body | array | List of endpoints of the same type, for the endpoint group. The values will depend on type. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| type | body | string |
The type of the endpoints in the group. A valid
value is
subnet
,
cidr
,
network
,
router
, or
vlan
. Only
subnet
and
cidr
are supported
at this moment.
|
| id | body | string | The ID of the VPN endpoint group. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
{
"endpoint_group "
:
{
"description "
:
"New description "
,
"project_id "
:
"4ad57e7ce0b24fca8f12b9834d91079d "
,
"tenant_id "
:
"4ad57e7ce0b24fca8f12b9834d91079d "
,
"endpoints "
:
[
"10.2.0.0/24 "
,
"10.3.0.0/24 "
],
"type "
:
"cidr "
,
"id "
:
"6ecd9cf3-ca64-46c7-863f-f2eb1b9e838a "
,
"name "
:
"peers "
}
}
Removes a VPN endpoint group.
Normal response codes: 204
Error response codes: 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| endpoint_group_id | path | string | The ID of the VPN endpoint group. |
There is no body content for the response of a successful DELETE request.
Lists all VPN services.
The list might be empty.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| vpnservices | body | array | A list of VPN service objects. |
| router_id | path | string | The ID of the router. |
| status | body | string |
Indicates whether IPsec VPN service is currently
operational. Values are
ACTIVE
,
DOWN
,
BUILD
,
ERROR
,
PENDING_CREATE
,
PENDING_UPDATE
, or
PENDING_DELETE
.
|
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| external_v6_ip | body | string | Read-only external (public) IPv6 address that is used for the VPN service. The VPN plugin sets this address if an IPv6 interface is available. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| subnet_id (Optional) | body | string | If you specify only a subnet UUID, OpenStack Networking allocates an available IP from that subnet to the port. If you specify both a subnet UUID and an IP address, OpenStack Networking tries to allocate the address to the port. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| external_v4_ip | body | string | Read-only external (public) IPv4 address that is used for the VPN service. The VPN plugin sets this address if an IPv4 interface is available. |
| id | body | string | The ID of the VPN service. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| flavor_id | body | string | The ID of the flavor. |
{
"vpnservices "
:
[
{
"router_id "
:
"66e3b16c-8ce5-40fb-bb49-ab6d8dc3f2aa "
,
"status "
:
"PENDING_CREATE "
,
"name "
:
"myservice "
,
"external_v6_ip "
:
"2001:db8::1 "
,
"admin_state_up "
:
true
,
"subnet_id "
:
null
,
"project_id "
:
"10039663455a446d8ba2cbb058b0f578 "
,
"tenant_id "
:
"10039663455a446d8ba2cbb058b0f578 "
,
"external_v4_ip "
:
"172.32.1.11 "
,
"id "
:
"5c561d9d-eaea-45f6-ae3e-08d1a7080828 "
,
"description "
:
""
,
"flavor_id "
:
null
}
]
}
Creates a VPN service.
The service is associated with a router. After you create the service, it can contain multiple VPN connections.
An optional
flavor_id
attribute can be passed to enable dynamic
selection of an appropriate provider if configured by the operator.
It is only available when
vpn-flavors
extension is enabled.
The basic selection algorithm chooses the provider in the first
service profile currently associated with flavor. This option can
only be set in
POST
operation.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| vpnservice | body | object |
A
vpnservice
object.
|
| router_id | path | string | The ID of the router. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| subnet_id (Optional) | body | string | If you specify only a subnet UUID, OpenStack Networking allocates an available IP from that subnet to the port. If you specify both a subnet UUID and an IP address, OpenStack Networking tries to allocate the address to the port. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| flavor_id (Optional) | body | string | The ID of the flavor. |
{
"vpnservice "
:
{
"subnet_id "
:
null
,
"router_id "
:
"66e3b16c-8ce5-40fb-bb49-ab6d8dc3f2aa "
,
"name "
:
"myservice "
,
"admin_state_up "
:
true
,
"flavor_id "
:
null
}
}
| Name | In | Type | Description |
|---|---|---|---|
| vpnservice | body | object |
A
vpnservice
object.
|
| router_id | path | string | The ID of the router. |
| status | body | string |
Indicates whether IPsec VPN service is currently
operational. Values are
ACTIVE
,
DOWN
,
BUILD
,
ERROR
,
PENDING_CREATE
,
PENDING_UPDATE
, or
PENDING_DELETE
.
|
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| external_v6_ip | body | string | Read-only external (public) IPv6 address that is used for the VPN service. The VPN plugin sets this address if an IPv6 interface is available. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| subnet_id (Optional) | body | string | If you specify only a subnet UUID, OpenStack Networking allocates an available IP from that subnet to the port. If you specify both a subnet UUID and an IP address, OpenStack Networking tries to allocate the address to the port. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| external_v4_ip | body | string | Read-only external (public) IPv4 address that is used for the VPN service. The VPN plugin sets this address if an IPv4 interface is available. |
| id | body | string | The ID of the VPN service. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| flavor_id | body | string | The ID of the flavor. |
{
"vpnservice "
:
{
"router_id "
:
"66e3b16c-8ce5-40fb-bb49-ab6d8dc3f2aa "
,
"status "
:
"PENDING_CREATE "
,
"name "
:
"myservice "
,
"external_v6_ip "
:
"2001:db8::1 "
,
"admin_state_up "
:
true
,
"subnet_id "
:
null
,
"project_id "
:
"10039663455a446d8ba2cbb058b0f578 "
,
"tenant_id "
:
"10039663455a446d8ba2cbb058b0f578 "
,
"external_v4_ip "
:
"172.32.1.11 "
,
"id "
:
"5c561d9d-eaea-45f6-ae3e-08d1a7080828 "
,
"description "
:
""
,
"flavor_id "
:
null
}
}
Shows details for a VPN service.
If the user is not an administrative user and the VPN service
object does not belong to the tenant account for the user, the
operation returns the
Forbidden
(403)
response code.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| service_id | path | string | The ID of the VPN service. |
| Name | In | Type | Description |
|---|---|---|---|
| vpnservice | body | object |
A
vpnservice
object.
|
| router_id | path | string | The ID of the router. |
| status | body | string |
Indicates whether IPsec VPN service is currently
operational. Values are
ACTIVE
,
DOWN
,
BUILD
,
ERROR
,
PENDING_CREATE
,
PENDING_UPDATE
, or
PENDING_DELETE
.
|
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| external_v6_ip | body | string | Read-only external (public) IPv6 address that is used for the VPN service. The VPN plugin sets this address if an IPv6 interface is available. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| subnet_id (Optional) | body | string | If you specify only a subnet UUID, OpenStack Networking allocates an available IP from that subnet to the port. If you specify both a subnet UUID and an IP address, OpenStack Networking tries to allocate the address to the port. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| external_v4_ip | body | string | Read-only external (public) IPv4 address that is used for the VPN service. The VPN plugin sets this address if an IPv4 interface is available. |
| id | body | string | The ID of the VPN service. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| flavor_id | body | string | The ID of the flavor. |
{
"vpnservice "
:
{
"router_id "
:
"66e3b16c-8ce5-40fb-bb49-ab6d8dc3f2aa "
,
"status "
:
"PENDING_CREATE "
,
"name "
:
"myservice "
,
"external_v6_ip "
:
"2001:db8::1 "
,
"admin_state_up "
:
true
,
"subnet_id "
:
null
,
"project_id "
:
"10039663455a446d8ba2cbb058b0f578 "
,
"tenant_id "
:
"10039663455a446d8ba2cbb058b0f578 "
,
"external_v4_ip "
:
"172.32.1.11 "
,
"id "
:
"5c561d9d-eaea-45f6-ae3e-08d1a7080828 "
,
"description "
:
""
,
"flavor_id "
:
null
}
}
Updates a VPN service.
Updates the attributes of a VPN service. You cannot update a
service with a
PENDING_*
status.
Normal response codes: 200
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| vpnservice | body | object |
A
vpnservice
object.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| service_id | path | string | The ID of the VPN service. |
{
"vpnservice "
:
{
"description "
:
"Updated description "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| vpnservice | body | object |
A
vpnservice
object.
|
| router_id | path | string | The ID of the router. |
| status | body | string |
Indicates whether IPsec VPN service is currently
operational. Values are
ACTIVE
,
DOWN
,
BUILD
,
ERROR
,
PENDING_CREATE
,
PENDING_UPDATE
, or
PENDING_DELETE
.
|
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| external_v6_ip | body | string | Read-only external (public) IPv6 address that is used for the VPN service. The VPN plugin sets this address if an IPv6 interface is available. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| subnet_id (Optional) | body | string | If you specify only a subnet UUID, OpenStack Networking allocates an available IP from that subnet to the port. If you specify both a subnet UUID and an IP address, OpenStack Networking tries to allocate the address to the port. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| external_v4_ip | body | string | Read-only external (public) IPv4 address that is used for the VPN service. The VPN plugin sets this address if an IPv4 interface is available. |
| id | body | string | The ID of the VPN service. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| flavor_id | body | string | The ID of the flavor. |
{
"vpnservice "
:
{
"router_id "
:
"881b7b30-4efb-407e-a162-5630a7af3595 "
,
"status "
:
"ACTIVE "
,
"name "
:
"myvpn "
,
"admin_state_up "
:
true
,
"subnet_id "
:
null
,
"project_id "
:
"26de9cd6cae94c8cb9f79d660d628e1f "
,
"tenant_id "
:
"26de9cd6cae94c8cb9f79d660d628e1f "
,
"id "
:
"41bfef97-af4e-4f6b-a5d3-4678859d2485 "
,
"description "
:
"Updated description "
,
"flavor_id "
:
null
}
}
Removes a VPN service.
If the service has connections, the request is rejected.
Normal response codes: 204
Error response codes: 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| service_id | path | string | The ID of the VPN service. |
There is no body content for the response of a successful DELETE request.
Extension that allows user selection of operator-curated flavors during resource creation.
Users can check if flavor available by performing a GET on the /v2.0/extensions/flavors. If it is unavailable,there is an 404 error response (itemNotFound). Refer Show extension details for more details.
Lists all flavors visible to the project.
The list can be empty.
Standard query parameters are supported on the URI. Use the
fields
query parameter to control which fields are returned in the response body.
Additionally, you can filter results by using query string parameters.
For information, see Filtering and Column Selection
. If Neutron configuration supports
pagination by overriding allow_pagination = false, the
marker
query
parameter can set the last element id the client has seen and
limit
set the maximum number of items to return. if Neutron configuration has
allow_sorting = true,
sort_key
and
sort_dir
pairs can be used
where sort direction is ‘asc’ or ‘desc’.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| service_type (Optional) | query | string | Filter the flavor list result by the type of the flavor. |
| name (Optional) | query | string | Filter the list result by the human-readable name of the resource. |
| description (Optional) | query | string | Filter the list result by the human-readable description of the resource. |
| enabled (Optional) | query | boolean | Filter the flavor list result based on whether the flavor is enabled or not. |
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a flavor attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| flavors | body | array |
A list of
flavor
objects.
|
| id | body | string | The ID of the flavor. |
| service_type | body | string | Service type for the flavor. Example: LOADBALANCERV2. |
| name | body | string | Name of the flavor. |
| description | body | string | The human-readable description for the flavor. |
| enabled | body | boolean | Indicates whether the flavor is enabled or not. Default is true. |
| service_profiles | body | array | Service profile UUIDs associated with this flavor. |
{
"flavors "
:
[
{
"description "
:
""
,
"enabled "
:
true
,
"service_profiles "
:
[],
"service_type "
:
"LOADBALANCERV2 "
,
"id "
:
"f7b14d9a-b0dc-4fbe-bb14-a0f4970a69e0 "
,
"name "
:
"dummy "
}
]
}
Creates a flavor.
This operation establishes a new flavor.
The service_type to which the flavor applies is a required parameter. The corresponding service plugin must have been activated as part of the configuration. Check Service providers for how to see currently loaded service types. Additionally the service plugin needs to support the use of flavors. For example, the LOADBALANCERV2 service type using the LBaaSv2 API currently supports Neutron service flavors.
Creation currently limited to administrators. Other users will
receive a
Forbidden
403
response code with a response body
NeutronError message expressing that creation is disallowed by
policy.
Until one or more service profiles are associated with the flavor
by the operator, attempts to use the flavor during resource
creations will currently return a
Not
Found
404
with a response
body that indicates no service profile could be found.
If the API cannot fulfill the request due to insufficient data or
data that is not valid, the service returns the HTTP
Bad
Request
(400)
response code with information about the failure in the
response body. Validation errors require that you correct the error
and submit the request again.
Normal response codes: 201
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| flavor | body | object |
A
flavor
object.
|
| service_type | body | string | Service type for the flavor. Example: LOADBALANCERV2. |
| enabled (Optional) | body | boolean | Indicates whether the flavor is enabled or not. Default is true. |
| description (Optional) | body | string | The human-readable description for the flavor. |
| name (Optional) | body | string | Name of the flavor. |
{
"flavor "
:
{
"service_type "
:
"LOADBALANCERV2 "
,
"enabled "
:
true
,
"name "
:
"dummy "
,
"description "
:
"Dummy flavor "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| flavor | body | object |
A
flavor
object.
|
| id | body | string | The ID of the flavor. |
| service_type | body | string | Service type for the flavor. Example: LOADBALANCERV2. |
| name | body | string | Name of the flavor. |
| description | body | string | The human-readable description for the flavor. |
| enabled | body | boolean | Indicates whether the flavor is enabled or not. Default is true. |
| service_profiles | body | array | Service profile UUIDs associated with this flavor. |
{
"flavor "
:
{
"id "
:
"7fc0581b-4509-49e1-90eb-c953c877fa4c "
,
"name "
:
"dummy "
,
"service_type "
:
"LOADBALANCERV2 "
,
"description "
:
"Dummy flavor "
,
"enabled "
:
true
,
"service_profiles "
:
[]
}
}
Shows details for a flavor.
This operation returns a flavor object by ID. If you are not an
administrative user and the flavor object is not visible to your
project account, the service returns the HTTP
Forbidden
(403)
response code.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| flavor_id | path | string | The UUID of the flavor. |
| Name | In | Type | Description |
|---|---|---|---|
| flavor | body | object |
A
flavor
object.
|
| id | body | string | The ID of the flavor. |
| service_type | body | string | Service type for the flavor. Example: LOADBALANCERV2. |
| name | body | string | Name of the flavor. |
| description | body | string | The human-readable description for the flavor. |
| enabled | body | boolean | Indicates whether the flavor is enabled or not. Default is true. |
| service_profiles | body | array | Service profile UUIDs associated with this flavor. |
{
"flavor "
:
{
"description "
:
""
,
"enabled "
:
true
,
"service_profiles "
:
[],
"service_type "
:
"LOADBALANCERV2 "
,
"id "
:
"f7b14d9a-b0dc-4fbe-bb14-a0f4970a69e0 "
,
"name "
:
"dummy "
}
}
Updates a flavor.
The service_type cannot be updated as there may be associated service profiles and consumers depending on the value.
Normal response codes: 200
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| flavor_id | path | string | The UUID of the flavor. |
| flavor | body | object |
A
flavor
object.
|
| name (Optional) | body | string | Name of the flavor. |
| description (Optional) | body | string | The human-readable description for the flavor. |
| enabled (Optional) | body | boolean | Indicates whether the flavor is enabled or not. Default is true. |
{
"flavor "
:
{
"enabled "
:
false
,
"name "
:
"newname "
,
"description "
:
"New description "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| flavor | body | object |
A
flavor
object.
|
| id | body | string | The ID of the flavor. |
| service_type | body | string | Service type for the flavor. Example: LOADBALANCERV2. |
| name | body | string | Name of the flavor. |
| description | body | string | The human-readable description for the flavor. |
| enabled | body | boolean | Indicates whether the flavor is enabled or not. Default is true. |
| service_profiles | body | array | Service profile UUIDs associated with this flavor. |
{
"flavor "
:
{
"description "
:
"New description "
,
"enabled "
:
false
,
"service_profiles "
:
[],
"service_type "
:
"LOADBALANCERV2 "
,
"id "
:
"7fc0581b-4509-49e1-90eb-c953c877fa4c "
,
"name "
:
"newname "
}
}
Deletes a flavor.
Normal response codes: 204
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| flavor_id | path | string | The UUID of the flavor. |
No body content is returned on a successful DELETE.
Associate a flavor with a service profile.
A flavor can be associated with more than one profile.
Will return
409
Conflict
if association already exists.
Normal response codes: 201
Error response codes: 400, 401, 403, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| flavor_id | path | string | The UUID of the flavor. |
| service_profile | body | object |
A
service_profile
object.
|
| id | body | string | The UUID of the service profile. |
{
"service_profile "
:
{
"id "
:
"4e5b9191-ffbe-4f7a-b112-2db98232fd32 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| service_profile | body | object |
A
service_profile
object.
|
| id | body | string | The ID of the resource. |
{
"service_profile "
:
{
"id "
:
"4e5b9191-ffbe-4f7a-b112-2db98232fd32 "
}
}
Disassociate a flavor from a service profile.
Normal response codes: 204
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| profile_id | path | string | The UUID of the service profile. |
| flavor_id | path | string | The UUID of the flavor. |
No body content is returned on a successful disassociation.
Lists all service profiles visible for the tenant account.
The list can be empty.
Standard query parameters are supported on the URI.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| enabled (Optional) | query | boolean | Filter the service profile list result based on whether this service profile is enabled or not. |
| driver (Optional) | query | string | Filter the service profile list result by the driver that this profile uses. |
| description (Optional) | query | string | Filter the list result by the human-readable description of the resource. |
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a service profile attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| Name | In | Type | Description |
|---|---|---|---|
| service_profiles | body | array | Service profile UUIDs associated with this flavor. |
| id | body | string | The UUID of the service profile. |
| enabled | body | boolean |
Indicates whether this service profile is enabled or not.
Default is
true
.
|
| driver | body | string |
Provider driver to use for this profile. Example:
neutron_lbaas.drivers.octavia.driver.OctaviaDriver
|
| description | body | string | The human-readable description for the service profile. |
| metainfo | body | string | JSON-formatted meta information of the service profile. |
{
"service_profiles "
:
[
{
"id "
:
"4e5b9191-ffbe-4f7a-b112-2db98232fd32 "
,
"enabled "
:
true
,
"driver "
:
"neutron_lbaas.drivers.octavia.driver.OctaviaDriver "
,
"description "
:
""
,
"metainfo "
:
"{}"
},
{
"id "
:
"684322c5-703a-48a2-8138-34b99942a7ef "
,
"enabled "
:
true
,
"driver "
:
"neutron_lbaas.drivers.octavia.driver.OctaviaDriver "
,
"description "
:
""
,
"metainfo "
:
"{}"
}
]
}
Creates a service profile.
This operation establishes a new service profile that can be associated with one or more flavors.
Either metadata or a driver is required.
If a driver is specified but does not exist, call will return a
Not
found
404
error with the response body explaining that the
driver could not be found.
Creation currently limited to administrators. Other users will
receive a
Forbidden
403
response code with a response body
NeutronError message expressing that creation is disallowed by
policy.
If the API cannot fulfill the request due to insufficient data or
data that is not valid, the service returns the HTTP
Bad
Request
(400)
response code with information about the failure in the
response body. Validation errors require that you correct the error
and submit the request again.
Normal response codes: 201
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| service_profile | body | object |
A
service_profile
object.
|
| description (Optional) | body | string | The human-readable description for the service profile. |
| metainfo (Optional) | body | string | JSON-formatted meta information of the service profile. |
| enabled (Optional) | body | boolean |
Indicates whether this service profile is enabled or not.
Default is
true
.
|
| driver (Optional) | body | string |
Provider driver to use for this profile. Example:
neutron_lbaas.drivers.octavia.driver.OctaviaDriver
|
{
"service_profile "
:
{
"enabled "
:
"true "
,
"driver "
:
"neutron_lbaas.drivers.octavia.driver.OctaviaDriver "
,
"description "
:
"Dummy profile "
,
"metainfo "
:
"{'foo ': 'bar '}"
}
}
| Name | In | Type | Description |
|---|---|---|---|
| service_profile | body | object |
A
service_profile
object.
|
| id | body | string | The UUID of the service profile. |
| enabled | body | boolean |
Indicates whether this service profile is enabled or not.
Default is
true
.
|
| driver | body | string |
Provider driver to use for this profile. Example:
neutron_lbaas.drivers.octavia.driver.OctaviaDriver
|
| description | body | string | The human-readable description for the service profile. |
| metainfo | body | string | JSON-formatted meta information of the service profile. |
{
"service_profile "
:
{
"enabled "
:
true
,
"metainfo "
:
"{'foo ': 'bar '}"
,
"driver "
:
"neutron_lbaas.drivers.octavia.driver.OctaviaDriver "
,
"id "
:
"7c793e5f-9b64-44e0-8b1f-902e59c85a01 "
,
"description "
:
"Dummy profile "
}
}
Shows details for a service profile.
This operation returns a service profile object by ID. If you are
not an administrative user and the object is not visible to your
tenant account, the service returns the HTTP
Forbidden
(403)
response code.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| profile_id | path | string | The UUID of the service profile. |
| Name | In | Type | Description |
|---|---|---|---|
| service_profile | body | object |
A
service_profile
object.
|
| id | body | string | The UUID of the service profile. |
| enabled | body | boolean |
Indicates whether this service profile is enabled or not.
Default is
true
.
|
| driver | body | string |
Provider driver to use for this profile. Example:
neutron_lbaas.drivers.octavia.driver.OctaviaDriver
|
| description | body | string | The human-readable description for the service profile. |
| metainfo | body | string | JSON-formatted meta information of the service profile. |
{
"service_profile "
:
{
"enabled "
:
true
,
"metainfo "
:
"{'foo ': 'bar '}"
,
"driver "
:
"neutron_lbaas.drivers.octavia.driver.OctaviaDriver "
,
"id "
:
"7c793e5f-9b64-44e0-8b1f-902e59c85a01 "
,
"description "
:
"Dummy profile "
}
}
Updates a service profile.
Normal response codes: 200
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| profile_id | path | string | The UUID of the service profile. |
| service_profile | body | object |
A
service_profile
object.
|
| enabled (Optional) | body | boolean |
Indicates whether this service profile is enabled or not.
Default is
true
.
|
| driver (Optional) | body | string |
Provider driver to use for this profile. Example:
neutron_lbaas.drivers.octavia.driver.OctaviaDriver
|
| description (Optional) | body | string | The human-readable description for the service profile. |
| metainfo (Optional) | body | string | JSON-formatted meta information of the service profile. |
{
"service_profile "
:
{
"enabled "
:
false
,
"driver "
:
"neutron_lbaas.drivers.octavia.driver.OctaviaDriver "
,
"description "
:
"New description "
,
"metainfo "
:
"{'new ': 'info '}"
}
}
| Name | In | Type | Description |
|---|---|---|---|
| service_profile | body | object |
A
service_profile
object.
|
| id | body | string | The UUID of the service profile. |
| enabled | body | boolean |
Indicates whether this service profile is enabled or not.
Default is
true
.
|
| driver | body | string |
Provider driver to use for this profile. Example:
neutron_lbaas.drivers.octavia.driver.OctaviaDriver
|
| description | body | string | The human-readable description for the service profile. |
| metainfo | body | string | JSON-formatted meta information of the service profile. |
{
"service_profile "
:
{
"enabled "
:
false
,
"metainfo "
:
"{'new ': 'info '}"
,
"driver "
:
"neutron_lbaas.drivers.octavia.driver.OctaviaDriver "
,
"id "
:
"7c793e5f-9b64-44e0-8b1f-902e59c85a01 "
,
"description "
:
"New description "
}
}
Deletes a service profile.
Attempting to delete a service profile that is currently associated
with a flavor will return a
Conflict
409
with a response body
containing an in use message.
Either metadata or a driver is required.
Normal response codes: 204
Error response codes: 401, 403, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| profile_id | path | string | The UUID of the service profile. |
No body content is returned on a successful DELETE.
Creates, modifies, and deletes OpenStack Layer3 metering labels and rules.
Lists all L3 metering labels that belong to the project.
The list shows the ID for each metering label.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| description (Optional) | query | string | Filter the list result by the human-readable description of the resource. |
| tenant_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| project_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| shared (Optional) | query | boolean | Admin-only. Filter the list result based on whether the resource is shared across all projects. |
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| name (Optional) | query | string | Filter the list result by the human-readable name of the resource. |
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a metering label attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| metering_labels | body | array |
A list of
metering_label
objects.
|
| description | body | string | A human-readable description for the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| shared | body | boolean | Indicates whether this metering label is shared across all projects. |
| id | body | string | The ID of the metering label. |
| name | body | string | Human-readable name of the resource. |
{
"metering_labels "
:
[
{
"project_id "
:
"45345b0ee1ea477fac0f541b2cb79cd4 "
,
"tenant_id "
:
"45345b0ee1ea477fac0f541b2cb79cd4 "
,
"description "
:
"label1 description "
,
"name "
:
"label1 "
,
"id "
:
"a6700594-5b7a-4105-8bfe-723b346ce866 "
,
"shared "
:
false
},
{
"project_id "
:
"45345b0ee1ea477fac0f541b2cb79cd4 "
,
"tenant_id "
:
"45345b0ee1ea477fac0f541b2cb79cd4 "
,
"description "
:
"label2 description "
,
"name "
:
"label2 "
,
"id "
:
"e131d186-b02d-4c0b-83d5-0c0725c4f812 "
,
"shared "
:
false
}
]
}
Creates an L3 metering label.
Normal response codes: 201
Error response codes: 400, 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| metering_label | body | object |
A
metering_label
object.
|
| shared (Optional) | body | boolean | Indicates whether this metering label is shared across all projects. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
{
"metering_label "
:
{
"name "
:
"label1 "
,
"description "
:
"description of label1 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| metering_label | body | object |
A
metering_label
object.
|
| description | body | string | A human-readable description for the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| shared | body | boolean | Indicates whether this metering label is shared across all projects. |
| id | body | string | The ID of the metering label. |
| name | body | string | Human-readable name of the resource. |
{
"metering_label "
:
{
"project_id "
:
"45345b0ee1ea477fac0f541b2cb79cd4 "
,
"tenant_id "
:
"45345b0ee1ea477fac0f541b2cb79cd4 "
,
"description "
:
"description of label1 "
,
"name "
:
"label1 "
,
"id "
:
"bc91b832-8465-40a7-a5d8-ba87de442266 "
,
"shared "
:
false
}
}
Shows details for a metering label.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| metering_label_id | path | string | The ID of the metering label. |
GET
/
v2
.0
/
metering
/
metering
-
labels
/
a6700594
-
5
b7a
-
4105
-
8
bfe
-
723
b346ce866
HTTP
/
1.1
Host
:
controlnode
:
9696
User
-
Agent
:
python
-
neutronclient
Content
-
Type
:
application
/
json
Accept
:
application
/
json
X
-
Auth
-
Token
:
c52a1b304fec4ca0ac85dc1741eec6e2
| Name | In | Type | Description |
|---|---|---|---|
| metering_label | body | object |
A
metering_label
object.
|
| description | body | string | A human-readable description for the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| shared | body | boolean | Indicates whether this metering label is shared across all projects. |
| id | body | string | The ID of the metering label. |
| name | body | string | Human-readable name of the resource. |
{
"metering_label "
:
{
"project_id "
:
"45345b0ee1ea477fac0f541b2cb79cd4 "
,
"tenant_id "
:
"45345b0ee1ea477fac0f541b2cb79cd4 "
,
"description "
:
"label1 description "
,
"name "
:
"label1 "
,
"id "
:
"a6700594-5b7a-4105-8bfe-723b346ce866 "
,
"shared "
:
false
}
}
Deletes an L3 metering label.
Normal response codes: 204
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| metering_label_id | path | string | The ID of the metering label. |
DELETE
/
v2
.0
/
metering
/
metering
-
labels
/
a6700594
-
5
b7a
-
4105
-
8
bfe
-
723
b346ce866
HTTP
/
1.1
Host
:
controlnode
:
9696
User
-
Agent
:
python
-
neutronclient
Content
-
Type
:
application
/
json
Accept
:
application
/
json
X
-
Auth
-
Token
:
c52a1b304fec4ca0ac85dc1741eec6e2
There is no body content for the response of a successful DELETE request.
Lists a summary of all L3 metering label rules that belong to the project.
The list shows the ID for each metering label rule.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| direction (Optional) | query | string |
Filter the metering rule list result by the direction in
which the metering rule is applied, which is
ingress
or
egress
.
|
| remote_ip_prefix (Optional) | query | string | Filter the metering rule list result by the remote IP prefix that the metering rule associates with. |
| excluded (Optional) | query | boolean |
Filter the metering rule list result based on whether the metering
rule exclude the traffic of a specific IP address with the
remote_ip_prefix
value.
|
| metering_label_id (Optional) | query | string | Filter the metering rule list result by the ID of the metering label associated with this metering rule. |
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a metering label attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| metering_label_rules | body | array |
A list of
metering_label_rule
objects.
|
| direction | body | string | Ingress or egress, which is the direction in which the metering rule is applied. |
| remote_ip_prefix | body | string | The remote IP prefix that is matched by this metering rule. |
| excluded | body | boolean |
Indicates whether to count the traffic of a
specific IP address with the
remote_ip_prefix
value.
|
| metering_label_id | body | string | The metering label ID associated with this metering rule. |
| id | body | string | The ID of the metering label rule. |
{
"metering_label_rules "
:
[
{
"remote_ip_prefix "
:
"20.0.0.0/24 "
,
"direction "
:
"ingress "
,
"metering_label_id "
:
"e131d186-b02d-4c0b-83d5-0c0725c4f812 "
,
"id "
:
"9536641a-7d14-4dc5-afaf-93a973ce0eb8 "
,
"excluded "
:
false
},
{
"remote_ip_prefix "
:
"10.0.0.0/24 "
,
"direction "
:
"ingress "
,
"metering_label_id "
:
"e131d186-b02d-4c0b-83d5-0c0725c4f812 "
,
"id "
:
"ffc6fd15-40de-4e7d-b617-34d3f7a93aec "
,
"excluded "
:
false
}
]
}
Creates an L3 metering label rule.
Normal response codes: 201
Error response codes: 400, 401, 403, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| metering_label_rule | body | object |
A
metering_label_rule
object.
|
| remote_ip_prefix | body | string | The remote IP prefix that is matched by this metering rule. |
| direction | body | string | Ingress or egress, which is the direction in which the metering rule is applied. |
| metering_label_id | body | string | The metering label ID associated with this metering rule. |
| excluded (Optional) | body | boolean |
Indicates whether to count the traffic of a
specific IP address with the
remote_ip_prefix
value. Default
is
false
.
|
{
"metering_label_rule "
:
{
"remote_ip_prefix "
:
"10.0.1.0/24 "
,
"direction "
:
"ingress "
,
"metering_label_id "
:
"e131d186-b02d-4c0b-83d5-0c0725c4f812 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| metering_label_rule | body | object |
A
metering_label_rule
object.
|
| direction | body | string | Ingress or egress, which is the direction in which the metering rule is applied. |
| remote_ip_prefix | body | string | The remote IP prefix that is matched by this metering rule. |
| excluded | body | boolean |
Indicates whether to count the traffic of a
specific IP address with the
remote_ip_prefix
value.
|
| metering_label_id | body | string | The metering label ID associated with this metering rule. |
| id | body | string | The ID of the metering label rule. |
{
"metering_label_rule "
:
{
"remote_ip_prefix "
:
"10.0.1.0/24 "
,
"direction "
:
"ingress "
,
"metering_label_id "
:
"e131d186-b02d-4c0b-83d5-0c0725c4f812 "
,
"id "
:
"00e13b58-b4f2-4579-9c9c-7ac94615f9ae "
,
"excluded "
:
false
}
}
Shows details for a metering label rule.
The response body shows this information for each metering label rule:
direction
. Either ingress or egress.
excluded
. Either
true
or
false
.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| metering_label_rule_id | path | string | The ID of the metering label rule. |
GET
/
v2
.0
/
metering
/
metering
-
label
-
rules
/
9536641
a
-
7
d14
-
4
dc5
-
afaf
-
93
a973ce0eb8
HTTP
/
1.1
Host
:
controlnode
:
9696
User
-
Agent
:
python
-
neutronclient
Content
-
Type
:
application
/
json
Accept
:
application
/
json
X
-
Auth
-
Token
:
c52a1b304fec4ca0ac85dc1741eec6e2
| Name | In | Type | Description |
|---|---|---|---|
| metering_label_rule | body | object |
A
metering_label_rule
object.
|
| direction | body | string | Ingress or egress, which is the direction in which the metering rule is applied. |
| remote_ip_prefix | body | string | The remote IP prefix that is matched by this metering rule. |
| excluded | body | boolean |
Indicates whether to count the traffic of a
specific IP address with the
remote_ip_prefix
value.
|
| metering_label_id | body | string | The metering label ID associated with this metering rule. |
| id | body | string | The ID of the metering label rule. |
{
"metering_label_rule "
:
{
"remote_ip_prefix "
:
"20.0.0.0/24 "
,
"direction "
:
"ingress "
,
"metering_label_id "
:
"e131d186-b02d-4c0b-83d5-0c0725c4f812 "
,
"id "
:
"9536641a-7d14-4dc5-afaf-93a973ce0eb8 "
,
"excluded "
:
false
}
}
Deletes an L3 metering label rule.
Normal response codes: 204
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| metering_label_rule_id | path | string | The ID of the metering label rule. |
DELETE
/
v2
.0
/
metering
/
metering
-
labels
/
37
b31179
-
71
ee
-
4
f0a
-
b130
-
0
eeb28e7ede7
HTTP
/
1.1
Host
:
controlnode
:
9696
User
-
Agent
:
python
-
neutronclient
Content
-
Type
:
application
/
json
Accept
:
application
/
json
X
-
Auth
-
Token
:
c52a1b304fec4ca0ac85dc1741eec6e2
There is no body content for the response of a successful DELETE request.
The extension
network-ip-availability
allows users to list and show the
network IP usage stats of all networks or of a specified network.
By default policy configuration, only administrative users can use this API.
Shows network IP availability details for a network.
By default policy configuration, only administrative users can retrieve
IP availability. Otherwise,
Not
Found
(404)
will be returned.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| network_id | path | string | The ID of the network. |
| Name | In | Type | Description |
|---|---|---|---|
| network_ip_availability | body | object |
A
network_ip_availability
object.
|
| network_id | body | string | The ID of the network whose IP availability detail is reported. |
| network_name | body | string | Human-readable name of the network. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| total_ips | body | integer | The total number of IP addresses in a network. |
| used_ips | body | integer | The number of used IP addresses of all subnets in a network. |
| subnet_ip_availability | body | array | A list of dictionaries showing subnet IP availability. It contains information for every subnet associated to the network. |
| subnet_id | body | string | The ID of the subnet whose IP availability detail is reported. |
| subnet_name | body | string | The name of the subnet. |
| ip_version | body | integer |
The IP protocol version. Value is
4
or
6
.
|
| cidr | body | string | The CIDR of the subnet. |
{
"network_ip_availability "
:
{
"used_ips "
:
4
,
"subnet_ip_availability "
:
[
{
"used_ips "
:
2
,
"subnet_id "
:
"44e70d00-80a2-4fb1-ab59-6190595ceb61 "
,
"subnet_name "
:
"private-subnet "
,
"ip_version "
:
4
,
"cidr "
:
"10.0.0.0/24 "
,
"total_ips "
:
253
},
{
"used_ips "
:
2
,
"subnet_id "
:
"a90623df-00e1-4902-a675-40674385d74c "
,
"subnet_name "
:
"ipv6-private-subnet "
,
"ip_version "
:
6
,
"cidr "
:
"fdbf:ac66:9be8::/64 "
,
"total_ips "
:
18446744073709552000
}
],
"network_id "
:
"6801d9c8-20e6-4b27-945d-62499f00002e "
,
"project_id "
:
"d56d3b8dd6894a508cf41b96b522328c "
,
"tenant_id "
:
"d56d3b8dd6894a508cf41b96b522328c "
,
"total_ips "
:
18446744073709552000
,
"network_name "
:
"private "
}
}
Lists network IP availability of all networks.
By default policy configuration, only administrative users can retrieve IP availabilities. Otherwise, an empty list will be returned.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| network_id (Optional) | query | string | Filter the list result by the ID of the network whose IP availability detail is reported. |
| network_name (Optional) | query | string | Filter the list result by the human-readable name of the network. |
| tenant_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| project_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| ip_version (Optional) | query | integer |
Filter the list result by the IP protocol version.
Valid value is
4
or
6
.
|
| Name | In | Type | Description |
|---|---|---|---|
| network_ip_availabilities | body | array |
The
network_ip_availabilities
object.
|
| network_id | body | string | The ID of the network whose IP availability detail is reported. |
| network_name | body | string | Human-readable name of the network. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| total_ips | body | integer | The total number of IP addresses in a network. |
| used_ips | body | integer | The number of used IP addresses of all subnets in a network. |
| subnet_ip_availability | body | array | A list of dictionaries showing subnet IP availability. It contains information for every subnet associated to the network. |
| subnet_id | body | string | The ID of the subnet whose IP availability detail is reported. |
| subnet_name | body | string | The name of the subnet. |
| ip_version | body | integer |
The IP protocol version. Value is
4
or
6
.
|
| cidr | body | string | The CIDR of the subnet. |
{
"network_ip_availabilities "
:
[
{
"network_id "
:
"4cf895c9-c3d1-489e-b02e-59b5c8976809 "
,
"network_name "
:
"public "
,
"subnet_ip_availability "
:
[
{
"cidr "
:
"2001:db8::/64 "
,
"ip_version "
:
6
,
"subnet_id "
:
"ca3f46c4-c6ff-4272-9be4-0466f84c6077 "
,
"subnet_name "
:
"ipv6-public-subnet "
,
"total_ips "
:
18446744073709552000
,
"used_ips "
:
1
},
{
"cidr "
:
"172.24.4.0/24 "
,
"ip_version "
:
4
,
"subnet_id "
:
"cc02efc1-9d47-46bd-bab6-760919c836b5 "
,
"subnet_name "
:
"public-subnet "
,
"total_ips "
:
253
,
"used_ips "
:
1
}
],
"project_id "
:
"1a02cc95f1734fcc9d3c753818f03002 "
,
"tenant_id "
:
"1a02cc95f1734fcc9d3c753818f03002 "
,
"total_ips "
:
253
,
"used_ips "
:
2
},
{
"network_id "
:
"6801d9c8-20e6-4b27-945d-62499f00002e "
,
"network_name "
:
"private "
,
"subnet_ip_availability "
:
[
{
"cidr "
:
"10.0.0.0/24 "
,
"ip_version "
:
4
,
"subnet_id "
:
"44e70d00-80a2-4fb1-ab59-6190595ceb61 "
,
"subnet_name "
:
"private-subnet "
,
"total_ips "
:
253
,
"used_ips "
:
2
},
{
"ip_version "
:
6
,
"cidr "
:
"fdbf:ac66:9be8::/64 "
,
"subnet_id "
:
"a90623df-00e1-4902-a675-40674385d74c "
,
"subnet_name "
:
"ipv6-private-subnet "
,
"total_ips "
:
18446744073709552000
,
"used_ips "
:
2
}
],
"project_id "
:
"d56d3b8dd6894a508cf41b96b522328c "
,
"tenant_id "
:
"d56d3b8dd6894a508cf41b96b522328c "
,
"total_ips "
:
18446744073709552000
,
"used_ips "
:
4
}
]
}
Lists default quotas, current quotas for projects with non-default quota values, and shows, updates, and resets quotas for a project.
A quota value of
-1
means that quota has no limit.
Lists quotas for projects with non-default quota values.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| quotas | body | array | A list of quota objects. |
| floatingip | body | integer |
The number of floating IP addresses allowed for
each project. A value of
-1
means no limit.
|
| network | body | integer |
The number of networks allowed for each project.
A value of
-1
means no limit.
|
| port | body | integer |
The number of ports allowed for each project.
A value of
-1
means no limit.
|
| project_id | body | string | The ID of the project. |
| rbac_policy | body | integer |
The number of role-based access control (RBAC)
policies for each project. A value of
-1
means
no limit.
|
| router | body | integer |
The number of routers allowed for each project.
A value of
-1
means no limit.
|
| security_group | body | integer |
The number of security groups allowed for each
project. A value of
-1
means no limit.
|
| security_group_rule | body | integer |
The number of security group rules allowed for
each project. A value of
-1
means no limit.
|
| subnet | body | integer |
The number of subnets allowed for each project.
A value of
-1
means no limit.
|
| subnetpool | body | integer |
The number of subnet pools allowed for each
project. A value of
-1
means no limit.
|
| tenant_id | body | string | The ID of the project. |
{
"quotas "
:
[
{
"floatingip "
:
50
,
"network "
:
15
,
"port "
:
50
,
"project_id "
:
"bab7d5c60cd041a0a36f7c4b6e1dd978 "
,
"rbac_policy "
:
-
1
,
"router "
:
10
,
"security_group "
:
10
,
"security_group_rule "
:
100
,
"subnet "
:
10
,
"subnetpool "
:
-
1
,
"tenant_id "
:
"bab7d5c60cd041a0a36f7c4b6e1dd978 "
}
]
}
Lists quotas for a project.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| project_id | path | string | The ID of the project. |
| Name | In | Type | Description |
|---|---|---|---|
| quota | body | object |
A
quota
object.
|
| floatingip | body | integer |
The number of floating IP addresses allowed for
each project. A value of
-1
means no limit.
|
| network | body | integer |
The number of networks allowed for each project.
A value of
-1
means no limit.
|
| port | body | integer |
The number of ports allowed for each project.
A value of
-1
means no limit.
|
| rbac_policy | body | integer |
The number of role-based access control (RBAC)
policies for each project. A value of
-1
means
no limit.
|
| router | body | integer |
The number of routers allowed for each project.
A value of
-1
means no limit.
|
| security_group | body | integer |
The number of security groups allowed for each
project. A value of
-1
means no limit.
|
| security_group_rule | body | integer |
The number of security group rules allowed for
each project. A value of
-1
means no limit.
|
| subnet | body | integer |
The number of subnets allowed for each project.
A value of
-1
means no limit.
|
| subnetpool | body | integer |
The number of subnet pools allowed for each
project. A value of
-1
means no limit.
|
{
"quota "
:
{
"floatingip "
:
50
,
"network "
:
10
,
"port "
:
50
,
"rbac_policy "
:
-
1
,
"router "
:
10
,
"security_group "
:
10
,
"security_group_rule "
:
100
,
"subnet "
:
10
,
"subnetpool "
:
-
1
}
}
Updates quotas for a project. Use when non-default quotas are desired.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| project_id | path | string | The ID of the project. |
| quota | body | object |
A
quota
object.
|
| floatingip (Optional) | body | integer |
The number of floating IP addresses allowed for
each project. A value of
-1
means no limit.
|
| network (Optional) | body | integer |
The number of networks allowed for each project.
A value of
-1
means no limit.
|
| port (Optional) | body | integer |
The number of ports allowed for each project.
A value of
-1
means no limit.
|
| rbac_policy (Optional) | body | integer |
The number of role-based access control (RBAC)
policies for each project. A value of
-1
means
no limit.
|
| router (Optional) | body | integer |
The number of routers allowed for each project.
A value of
-1
means no limit.
|
| security_group (Optional) | body | integer |
The number of security groups allowed for each
project. A value of
-1
means no limit.
|
| security_group_rule (Optional) | body | integer |
The number of security group rules allowed for
each project. A value of
-1
means no limit.
|
| subnet (Optional) | body | integer |
The number of subnets allowed for each project.
A value of
-1
means no limit.
|
| subnetpool (Optional) | body | integer |
The number of subnet pools allowed for each
project. A value of
-1
means no limit.
|
{
"quota "
:
{
"floatingip "
:
50
,
"network "
:
10
,
"port "
:
50
,
"rbac_policy "
:
-
1
,
"router "
:
10
,
"security_group "
:
10
,
"security_group_rule "
:
100
,
"subnet "
:
10
,
"subnetpool "
:
-
1
}
}
| Name | In | Type | Description |
|---|---|---|---|
| quota | body | object |
A
quota
object.
|
| floatingip | body | integer |
The number of floating IP addresses allowed for
each project. A value of
-1
means no limit.
|
| network | body | integer |
The number of networks allowed for each project.
A value of
-1
means no limit.
|
| port | body | integer |
The number of ports allowed for each project.
A value of
-1
means no limit.
|
| rbac_policy | body | integer |
The number of role-based access control (RBAC)
policies for each project. A value of
-1
means
no limit.
|
| router | body | integer |
The number of routers allowed for each project.
A value of
-1
means no limit.
|
| security_group | body | integer |
The number of security groups allowed for each
project. A value of
-1
means no limit.
|
| security_group_rule | body | integer |
The number of security group rules allowed for
each project. A value of
-1
means no limit.
|
| subnet | body | integer |
The number of subnets allowed for each project.
A value of
-1
means no limit.
|
| subnetpool | body | integer |
The number of subnet pools allowed for each
project. A value of
-1
means no limit.
|
{
"quota "
:
{
"subnet "
:
10
,
"network "
:
15
,
"floatingip "
:
50
,
"subnetpool "
:
-
1
,
"security_group_rule "
:
100
,
"security_group "
:
10
,
"router "
:
10
,
"rbac_policy "
:
-
1
,
"port "
:
50
}
}
Resets quotas to default values for a project.
Normal response codes: 204
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| project_id | path | string | The ID of the project. |
There is no body content for the response of a successful DELETE request.
Lists default quotas for a project.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| project_id | path | string | The ID of the project. |
| Name | In | Type | Description |
|---|---|---|---|
| quota | body | object |
A
quota
object.
|
| floatingip | body | integer |
The number of floating IP addresses allowed for
each project. A value of
-1
means no limit.
|
| network | body | integer |
The number of networks allowed for each project.
A value of
-1
means no limit.
|
| port | body | integer |
The number of ports allowed for each project.
A value of
-1
means no limit.
|
| rbac_policy | body | integer |
The number of role-based access control (RBAC)
policies for each project. A value of
-1
means
no limit.
|
| router | body | integer |
The number of routers allowed for each project.
A value of
-1
means no limit.
|
| security_group | body | integer |
The number of security groups allowed for each
project. A value of
-1
means no limit.
|
| security_group_rule | body | integer |
The number of security group rules allowed for
each project. A value of
-1
means no limit.
|
| subnet | body | integer |
The number of subnets allowed for each project.
A value of
-1
means no limit.
|
| subnetpool | body | integer |
The number of subnet pools allowed for each
project. A value of
-1
means no limit.
|
{
"quota "
:
{
"floatingip "
:
50
,
"network "
:
10
,
"port "
:
50
,
"rbac_policy "
:
-
1
,
"router "
:
10
,
"security_group "
:
10
,
"security_group_rule "
:
100
,
"subnet "
:
10
,
"subnetpool "
:
-
1
}
}
Extends the
quotas
API to show a quota set for each project that includes
the quota’s used, limit and reserved counts per resource.
A quota value of
-1
means that quota has no limit.
Shows quota details for a project.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| project_id | path | string | The ID of the project. |
| Name | In | Type | Description |
|---|---|---|---|
| quota | body | object |
A
quota
detail object. Each key in the object corresponds to a resource
type (
network
,
port
, etc.) having a quota. The value for each
resource type is itself an object (the quota set) containing the quota’s
used
,
limit
and
reserved
integer values.
|
{
"quota "
:
{
"rbac_policy "
:
{
"used "
:
4
,
"limit "
:
10
,
"reserved "
:
0
},
"subnetpool "
:
{
"used "
:
2
,
"limit "
:
-
1
,
"reserved "
:
0
},
"security_group_rule "
:
{
"used "
:
10
,
"limit "
:
100
,
"reserved "
:
1
},
"security_group "
:
{
"used "
:
3
,
"limit "
:
10
,
"reserved "
:
0
},
"subnet "
:
{
"used "
:
3
,
"limit "
:
100
,
"reserved "
:
0
},
"port "
:
{
"used "
:
21
,
"limit "
:
500
,
"reserved "
:
3
},
"network "
:
{
"used "
:
9
,
"limit "
:
100
,
"reserved "
:
2
}
}
}
Lists service providers.
Lists service providers and their associated service types.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| service_providers | body | array |
A list of
service_provider
objects.
|
| service_type | body | string |
The service type, which is
CORE
,
DUMMY
,
FIREWALL
,
FLAVORS
,
L3_ROUTER_NAT
,
LOADBALANCER
,
LOADBALANCERV2
,
METERING
,
QOS
, or
VPN
.
|
| name | body | string | Human-readable name of the resource. |
| default | body | boolean |
Defines whether the provider is the default for
the service type. If this value is
true
, the provider is the
default. If this value is
false
, the provider is not the
default.
|
{
"service_providers "
:
[
{
"service_type "
:
"LOADBALANCER "
,
"default "
:
true
,
"name "
:
"haproxy "
}
]
}
Shows details for, updates, and deletes tags.
The maximum number of characters allowed in a tag is 60. If the length
is longer than 60, the API returns the HTTP
Bad
Request
(400)
response
code with ‘invalid input for operation’ error message.
Note
NOTE: This extension is deprecated in favor of
standard-attr-tag
.
The
tag
extension allows users to set tags on their networks.
This extension supports networks only.
Note
NOTE: This extension is deprecated in favor of
standard-attr-tag
.
The
tag-ext
extension allows users to set tags on their resources.
This extension supports subnets, ports, routers, and subnet pools.
The
standard-attr-tag
extends tagging support to some resources that support
standard attributes. This includes networks, ports, subnets, subnet pools,
floating IPs, routers, security groups, security group rules, QoS policies and
trunks.
Replaces all tags on the resource.
Normal response codes: 200
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| resource_type | path | string | The type of resource which the tag is set on. |
| resource_id | path | string | The ID of resource which the tag is set on. |
| tags | body | array | The list of tags on the resource. |
{
"tags "
:
[
"red "
,
"blue "
]
}
| Name | In | Type | Description |
|---|---|---|---|
| tags | body | array | The list of tags on the resource. |
{
"tags "
:
[
"red "
,
"blue "
]
}
Removes all tags on the resource.
Normal response codes: 204
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| resource_type | path | string | The type of resource which the tag is set on. |
| resource_id | path | string | The ID of resource which the tag is set on. |
There is no body content for the response of a successful DELETE request.
Confirms a given tag is set on the resource.
Normal response codes: 204
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| resource_type | path | string | The type of resource which the tag is set on. |
| resource_id | path | string | The ID of resource which the tag is set on. |
| tag | path | string | The name for the tag. |
There is no body content for the response of a successful GET request.
Adds a tag on the resource.
Normal response codes: 201
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| resource_type | path | string | The type of resource which the tag is set on. |
| resource_id | path | string | The ID of resource which the tag is set on. |
| tag | path | string | The name for the tag. |
There is no body content for the response of a successful PUT request.
Obtains the tags for a resource.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| resource_type | path | string | The type of resource which the tag is set on. |
| resource_id | path | string | The ID of resource which the tag is set on. |
| Name | In | Type | Description |
|---|---|---|---|
| tags | body | array | The list of tags on the resource. |
{
"tags "
:
[
"red "
,
"blue "
]
}
Removes a tag on the resource.
Normal response codes: 204
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| resource_type | path | string | The type of resource which the tag is set on. |
| resource_id | path | string | The ID of resource which the tag is set on. |
| tag | path | string | The name for the tag. |
There is no body content for the response of a successful DELETE request.
Lists and shows information for QoS rule types available in current deployment.
The
qos-rule-type-details
extension adds the
drivers
attribute to
QoS rule types. The
drivers
attribute’s value is a list of driver objects.
Each driver object represents a loaded backend QoS driver and includes the
driver’s
name
as well as a list of its
supported_parameters
and
acceptable values.
Lists available qos rule types.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| rule_types | body | array |
A list of QoS
rule_type
objects.
|
| type | body | string | The type of QoS rule. |
{
"rule_types "
:
[
{
"type "
:
"bandwidth_limit "
},
{
"type "
:
"dscp_marking "
},
{
"type "
:
"minimum_bandwidth "
}
]
}
Shows details for an available QoS rule type.
You can control which response parameters are returned by using the fields query parameter. For information, see Filtering and column selection .
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| rule_type | path | string |
The name of the QoS rule type. It should be one of the types
returned by the List QoS rule types API, for example
bandwidth_limit
or
dscp_marking
.
|
| Name | In | Type | Description |
|---|---|---|---|
| type | body | string | The type of QoS rule. |
| drivers | body | list |
List of loaded QoS drivers with supported
rule type parameters with possible values for each.
Each driver is represented by a dict with the keys
name
and
supported_parameters
.
Field
name
contains the name of a backend driver.
Field
supported_parameters
contains a list of dicts with
parameter_name
,
parameter_type
and
parameter_values
fields.
The valid values for
parameter_type
are
choices
or
range
.
If
parameter_type
is
choices
then
parameter_values
contains a list of acceptable values, otherwise it contains
a dict with keys of
start
and
end
which define the range
of acceptable values.
|
{
"drivers "
:
[
{
"name "
:
"openvswitch "
,
"supported_parameters "
:
[
{
"parameter_name "
:
"max_kbps "
,
"parameter_type "
:
"range "
,
"parameter_values "
:
{
"end "
:
2147483647
,
"start "
:
0
}
},
{
"parameter_name "
:
"direction "
,
"parameter_type "
:
"choices "
,
"parameter_values "
:
[
"ingress "
,
"egress "
]
},
{
"parameter_name "
:
"max_burst_kbps "
,
"parameter_type "
:
"range "
,
"parameter_values "
:
{
"end "
:
2147483647
,
"start "
:
0
}
}
]
},
{
"name "
:
"linuxbridge "
,
"supported_parameters "
:
[
{
"parameter_name "
:
"max_kbps "
,
"parameter_type "
:
"range "
,
"parameter_values "
:
{
"end "
:
2147483647
,
"start "
:
0
}
},
{
"parameter_name "
:
"direction "
,
"parameter_type "
:
"choices "
,
"parameter_values "
:
[
"ingress "
,
"egress "
]
},
{
"parameter_name "
:
"max_burst_kbps "
,
"parameter_type "
:
"range "
,
"parameter_values "
:
{
"end "
:
2147483647
,
"start "
:
0
}
}
]
}
],
"type "
:
"bandwidth_limit "
}
Lists, creates, deletes, shows information for, and updates QoS policies.
The
standard-attr-timestamp
extension adds the
created_at
and
updated_at
attributes to all resources that have standard attributes.
The QoS default extension (
qos-default
) allows a per project
default QoS policy by adding the
is_default
attribute
to
policy
resources.
The
standard-attr-tag
adds Tag support for resources with
standard attributes by adding the
tags
attribute
allowing consumers to associate tags with resources.
Lists all QoS policies associated with your project. One policy can contain more than one rule type.
The list might be empty.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| description (Optional) | query | string | Filter the list result by the human-readable description of the resource. |
| tenant_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| project_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| revision_number (Optional) | query | integer | Filter the list result by the revision number of the resource. |
| shared (Optional) | query | boolean | Filter the QoS policy list result based on whether this policy is shared across all projects. |
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| is_default (Optional) | query | boolean | Filter the QoS policy list result based on whether this policy is the default policy. |
| name (Optional) | query | string | Filter the list result by the human-readable name of the resource. |
| tags (Optional) | query | string | A list of tags to filter the list result by. Resources that match all tags in this list will be returned. Tags in query must be separated by comma. |
| tags-any (Optional) | query | string | A list of tags to filter the list result by. Resources that match any tag in this list will be returned. Tags in query must be separated by comma. |
| not-tags (Optional) | query | string | A list of tags to filter the list result by. Resources that match all tags in this list will be excluded. Tags in query must be separated by comma. |
| not-tags-any (Optional) | query | string | A list of tags to filter the list result by. Resources that match any tag in this list will be excluded. Tags in query must be separated by comma. |
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a QOS policy attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| policies | body | array |
A list of QoS
policy
objects.
|
| description | body | string | A human-readable description for the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| revision_number | body | integer | The revision number of the resource. |
| shared | body | boolean | Indicates whether this policy is shared across all projects. |
| id | body | string | The ID of the QoS policy. |
| is_default | body | boolean |
If
true
, the QoS
policy
is the default policy.
|
| rules | body | array | A set of zero or more policy rules. |
| name | body | string | Human-readable name of the resource. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| tags | body | array | The list of tags on the resource. |
{
"policies "
:
[
{
"project_id "
:
"8d4c70a21fed4aeba121a1a429ba0d04 "
,
"tenant_id "
:
"8d4c70a21fed4aeba121a1a429ba0d04 "
,
"id "
:
"46ebaec0-0570-43ac-82f6-60d2b03168c4 "
,
"is_default "
:
false
,
"name "
:
"10Mbit "
,
"description "
:
"This policy limits the ports to 10Mbit max."
,
"revision_number "
:
3
,
"created_at "
:
"2018-04-03T21:26:39Z "
,
"updated_at "
:
"2018-04-03T21:26:39Z "
,
"shared "
:
false
,
"rules "
:
[
{
"max_kbps "
:
10000
,
"type "
:
"bandwidth_limit "
,
"id "
:
"b1866696-032a-4228-857f-846075f63487 "
,
"max_burst_kbps "
:
0
,
"qos_policy_id "
:
"46ebaec0-0570-43ac-82f6-60d2b03168c4 "
},
{
"dscp_mark "
:
20
,
"type "
:
"dscp_marking "
,
"id "
:
"d9c021d5-5433-4d7c-8bfa-69cca486aac8 "
,
"qos_policy_id "
:
"46ebaec0-0570-43ac-82f6-60d2b03168c4 "
}
],
"tags "
:
[
"tag1,tag2 "
]
}
]
}
Creates a QoS policy.
Creates a QoS policy by using the configuration that you define in the request object. A response object is returned. The object contains a unique ID.
By the default policy configuration, if the caller is not an administrative
user, this call returns the HTTP
Forbidden
(403)
response code.
Users with an administrative role can create policies on behalf of other projects by specifying a project ID that is different than their own.
Normal response codes: 201
Error response codes: 401, 403, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| policy | body | object |
A QoS
policy
object.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| shared (Optional) | body | boolean |
Set to
true
to share this policy with other
projects. Default is
false
.
|
| is_default (Optional) | body | boolean |
If
true
, the QoS
policy
is the default policy.
|
| name (Optional) | body | string | Human-readable name of the resource. |
{
"policy "
:
{
"name "
:
"10Mbit "
,
"description "
:
"This policy limits the ports to 10Mbit max."
,
"shared "
:
false
}
}
| Name | In | Type | Description |
|---|---|---|---|
| policy | body | object |
A QoS
policy
object.
|
| description | body | string | A human-readable description for the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| revision_number | body | integer | The revision number of the resource. |
| shared | body | boolean | Indicates whether this policy is shared across all projects. |
| rules | body | array | A set of zero or more policy rules. |
| id | body | string | The ID of the QoS policy. |
| is_default | body | boolean |
If
true
, the QoS
policy
is the default policy.
|
| name | body | string | Human-readable name of the resource. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
{
"policy "
:
{
"name "
:
"10Mbit "
,
"description "
:
"This policy limits the ports to 10Mbit max."
,
"rules "
:
[],
"id "
:
"46ebaec0-0570-43ac-82f6-60d2b03168c4 "
,
"is_default "
:
false
,
"project_id "
:
"8d4c70a21fed4aeba121a1a429ba0d04 "
,
"revision_number "
:
1
,
"tenant_id "
:
"8d4c70a21fed4aeba121a1a429ba0d04 "
,
"created_at "
:
"2018-04-03T21:26:39Z "
,
"updated_at "
:
"2018-04-03T21:26:39Z "
,
"shared "
:
false
,
"tags "
:
[
"tag1,tag2 "
]
}
}
Shows details for a QoS policy. One policy can contain more than one rule type.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| policy_id | path | string | The ID of the QoS policy. |
| Name | In | Type | Description |
|---|---|---|---|
| policy | body | object |
A QoS
policy
object.
|
| description | body | string | A human-readable description for the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| revision_number | body | integer | The revision number of the resource. |
| shared | body | boolean | Indicates whether this policy is shared across all projects. |
| rules | body | array | A set of zero or more policy rules. |
| id | body | string | The ID of the QoS policy. |
| is_default | body | boolean |
If
true
, the QoS
policy
is the default policy.
|
| name | body | string | Human-readable name of the resource. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
{
"policy "
:
{
"project_id "
:
"8d4c70a21fed4aeba121a1a429ba0d04 "
,
"tenant_id "
:
"8d4c70a21fed4aeba121a1a429ba0d04 "
,
"id "
:
"46ebaec0-0570-43ac-82f6-60d2b03168c4 "
,
"is_default "
:
false
,
"name "
:
"10Mbit "
,
"description "
:
"This policy limits the ports to 10Mbit max."
,
"revision_number "
:
3
,
"created_at "
:
"2018-04-03T21:26:39Z "
,
"updated_at "
:
"2018-04-03T21:26:39Z "
,
"shared "
:
false
,
"rules "
:
[
{
"id "
:
"5f126d84-551a-4dcf-bb01-0e9c0df0c793 "
,
"qos_policy_id "
:
"46ebaec0-0570-43ac-82f6-60d2b03168c4 "
,
"max_kbps "
:
10000
,
"max_burst_kbps "
:
0
,
"type "
:
"bandwidth_limit "
},
{
"id "
:
"5f126d84-551a-4dcf-bb01-0e9c0df0c794 "
,
"qos_policy_id "
:
"46ebaec0-0570-43ac-82f6-60d2b03168c4 "
,
"dscp_mark "
:
26
,
"type "
:
"dscp_marking "
}
],
"tags "
:
[
"tag1,tag2 "
]
}
}
Updates a QoS policy.
If the request is valid, the service returns the
Accepted
(202)
response code.
Normal response codes: 202
Error response codes: 400, 401, 404, 412
| Name | In | Type | Description |
|---|---|---|---|
| policy_id | path | string | The ID of the QoS policy. |
| policy | body | object |
A QoS
policy
object.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| is_default (Optional) | body | boolean |
If
true
, the QoS
policy
is the default policy.
|
| shared (Optional) | body | boolean |
Set to
true
to share this policy with other
projects. Default is
false
.
|
| name (Optional) | body | string | Human-readable name of the resource. |
{
"policy "
:
{
"name "
:
"10Mbit "
,
"description "
:
"This policy limits the ports to 10Mbit max."
,
"shared "
:
false
}
}
| Name | In | Type | Description |
|---|---|---|---|
| policy | body | object |
A QoS
policy
object.
|
| description | body | string | A human-readable description for the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| revision_number | body | integer | The revision number of the resource. |
| shared | body | boolean | Indicates whether this policy is shared across all projects. |
| id | body | string | The ID of the QoS policy. |
| is_default | body | boolean |
If
true
, the QoS
policy
is the default policy.
|
| rules | body | array | A set of zero or more policy rules. |
| name | body | string | Human-readable name of the resource. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
{
"policy "
:
{
"name "
:
"10Mbit "
,
"description "
:
"This policy limits the ports to 10Mbit max."
,
"id "
:
"46ebaec0-0570-43ac-82f6-60d2b03168c4 "
,
"is_default "
:
false
,
"project_id "
:
"8d4c70a21fed4aeba121a1a429ba0d04 "
,
"revision_number "
:
3
,
"created_at "
:
"2018-04-03T21:26:39Z "
,
"updated_at "
:
"2018-04-03T21:26:39Z "
,
"tenant_id "
:
"8d4c70a21fed4aeba121a1a429ba0d04 "
,
"shared "
:
false
,
"tags "
:
[
"tag1,tag2 "
]
}
}
Lists, creates, deletes, shows information for, and updates QoS bandwidth limit rules.
The
qos-bw-limit-direction
extension adds the
direction
attribute to
QoS rule types. The
direction
attribute allows to configure QoS bandwidth
limit rule with specific direction:
ingress
or
egress
.
Default is
egress
.
Lists all bandwidth limit rules for a QoS policy.
The list might be empty.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| policy_id | path | string | The ID of the QoS policy. |
| max_kbps (Optional) | query | integer | Filter the list result by the maximum KBPS (kilobits per second) value. |
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| max_burst_kbps (Optional) | query | integer | Filter the list result by the maximum burst size (in kilobits). |
| direction (Optional) | query | string |
Filter the list result by the direction of the traffic to which the QoS
rule is applied. Valid values are
egress
and
ingress
.
|
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a bandwidth limit rule attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| Name | In | Type | Description |
|---|---|---|---|
| bandwidth_limit_rules | body | array | A list of bandwidth limit rules associated with the QoS policy. |
| max_kbps | body | integer | The maximum KBPS (kilobits per second) value. If you specify this value, must be greater than 0 otherwise max_kbps will have no value. |
| id | body | string | The ID of the QoS Bandwidth limit rule. |
| max_burst_kbps | body | integer | The maximum burst size (in kilobits). |
| direction | body | string |
The direction of the traffic to which the QoS
rule is applied, as seen from the point of view
of the
port
.
Valid values are
egress
and
ingress
.
Default value is
egress
.
|
| tags | body | array | The list of tags on the resource. |
{
"bandwidth_limit_rules "
:
[
{
"id "
:
"5f126d84-551a-4dcf-bb01-0e9c0df0c793 "
,
"max_kbps "
:
10000
,
"max_burst_kbps "
:
0
,
"direction "
:
"egress "
}
]
}
Creates a bandwidth limit rule for a QoS policy.
Normal response codes: 201
Error response codes: 400, 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| policy_id | path | string | The ID of the QoS policy. |
| bandwidth_limit_rule | body | object |
A
bandwidth_limit_rule
object.
|
| max_kbps (Optional) | body | integer | The maximum KBPS (kilobits per second) value. If you specify this value, must be greater than 0 otherwise max_kbps will have no value. |
| max_burst_kbps (Optional) | body | integer |
The maximum burst size (in kilobits). Default is
0
.
|
| direction (Optional) | body | string |
The direction of the traffic to which the QoS
rule is applied, as seen from the point of view
of the
port
.
Valid values are
egress
and
ingress
.
Default value is
egress
.
|
{
"bandwidth_limit_rule "
:
{
"max_kbps "
:
"10000 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| bandwidth_limit_rule | body | object |
A
bandwidth_limit_rule
object.
|
| max_kbps | body | integer | The maximum KBPS (kilobits per second) value. If you specify this value, must be greater than 0 otherwise max_kbps will have no value. |
| id | body | string | The ID of the QoS Bandwidth limit rule. |
| max_burst_kbps | body | integer | The maximum burst size (in kilobits). |
| direction | body | string |
The direction of the traffic to which the QoS
rule is applied, as seen from the point of view
of the
port
.
Valid values are
egress
and
ingress
.
Default value is
egress
.
|
| tags | body | array | The list of tags on the resource. |
{
"bandwidth_limit_rule "
:
{
"id "
:
"5f126d84-551a-4dcf-bb01-0e9c0df0c793 "
,
"max_kbps "
:
10000
,
"max_burst_kbps "
:
0
,
"direction "
:
"egress "
}
}
Shows details for a bandwidth limit rule for a QoS policy.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| policy_id | path | string | The ID of the QoS policy. |
| rule_id | path | string | The ID of the QoS rule. |
| Name | In | Type | Description |
|---|---|---|---|
| bandwidth_limit_rule | body | object |
A
bandwidth_limit_rule
object.
|
| max_kbps | body | integer | The maximum KBPS (kilobits per second) value. If you specify this value, must be greater than 0 otherwise max_kbps will have no value. |
| id | body | string | The ID of the QoS Bandwidth limit rule. |
| max_burst_kbps | body | integer | The maximum burst size (in kilobits). |
| direction | body | string |
The direction of the traffic to which the QoS
rule is applied, as seen from the point of view
of the
port
.
Valid values are
egress
and
ingress
.
Default value is
egress
.
|
| tags | body | array | The list of tags on the resource. |
{
"bandwidth_limit_rule "
:
{
"id "
:
"5f126d84-551a-4dcf-bb01-0e9c0df0c793 "
,
"max_kbps "
:
10000
,
"max_burst_kbps "
:
0
,
"direction "
:
"egress "
}
}
Updates a bandwidth limit rule for a QoS policy.
If the request is valid, the service returns the
Accepted
(202)
response code.
Normal response codes: 202
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| policy_id | path | string | The ID of the QoS policy. |
| rule_id | path | string | The ID of the QoS rule. |
| bandwidth_limit_rule | body | object |
A
bandwidth_limit_rule
object.
|
| max_kbps (Optional) | body | integer | The maximum KBPS (kilobits per second) value. If you specify this value, must be greater than 0 otherwise max_kbps will have no value. |
| max_burst_kbps (Optional) | body | integer |
The maximum burst size (in kilobits). Default is
0
.
|
| direction (Optional) | body | string |
The direction of the traffic to which the QoS
rule is applied, as seen from the point of view
of the
port
.
Valid values are
egress
and
ingress
.
|
{
"bandwidth_limit_rule "
:
{
"max_kbps "
:
"10000 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| bandwidth_limit_rule | body | object |
A
bandwidth_limit_rule
object.
|
| max_kbps | body | integer | The maximum KBPS (kilobits per second) value. If you specify this value, must be greater than 0 otherwise max_kbps will have no value. |
| id | body | string | The ID of the QoS Bandwidth limit rule. |
| max_burst_kbps | body | integer | The maximum burst size (in kilobits). |
| direction | body | string |
The direction of the traffic to which the QoS
rule is applied, as seen from the point of view
of the
port
.
Valid values are
egress
and
ingress
.
|
| tags | body | array | The list of tags on the resource. |
{
"bandwidth_limit_rule "
:
{
"id "
:
"5f126d84-551a-4dcf-bb01-0e9c0df0c793 "
,
"max_kbps "
:
10000
,
"max_burst_kbps "
:
0
,
"direction "
:
"egress "
}
}
Deletes a bandwidth limit rule for a QoS policy.
Normal response codes: 204
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| policy_id | path | string | The ID of the QoS policy. |
| rule_id | path | string | The ID of the QoS rule. |
There is no body content for the response of a successful DELETE request.
Lists, creates, deletes, shows information for, and updates QoS DSCP marking rules.
Lists all DSCP marking rules for a QoS policy.
The list may be empty.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| policy_id | path | string | The ID of the QoS policy. |
| dscp_mark (Optional) | query | integer | Filter the list result by the DSCP mark value. |
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a DSCP marking rule attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| Name | In | Type | Description |
|---|---|---|---|
| dscp_marking_rules | body | array |
A list of
dscp_marking_rule
objects.
|
| dscp_mark | body | integer | The DSCP mark value. |
| id | body | string | The ID of the QoS DSCP marking rule. |
| tags | body | array | The list of tags on the resource. |
{
"dscp_marking_rules "
:
[
{
"id "
:
"5f126d84-551a-4dcf-bb01-0e9c0df0c794 "
,
"dscp_mark "
:
26
}
]
}
Creates a DSCP marking rule for a QoS policy.
Normal response codes: 201
Error response codes: 400, 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| policy_id | path | string | The ID of the QoS policy. |
| dscp_marking_rule | body | object |
A
dscp_marking_rule
object.
|
| dscp_mark (Optional) | body | integer | The DSCP mark value. |
{
"dscp_marking_rule "
:
{
"dscp_mark "
:
"26 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| dscp_marking_rule | body | object |
A
dscp_marking_rule
object.
|
| dscp_mark | body | integer | The DSCP mark value. |
| id | body | string | The ID of the QoS DSCP marking rule. |
| tags | body | array | The list of tags on the resource. |
{
"dscp_marking_rule "
:
{
"id "
:
"5f126d84-551a-4dcf-bb01-0e9c0df0c794 "
,
"dscp_mark "
:
26
}
}
Shows details for a DSCP marking rule for a QoS policy.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| policy_id | path | string | The ID of the QoS policy. |
| dscp_rule_id | path | string | The ID of the DSCP rule. |
| Name | In | Type | Description |
|---|---|---|---|
| dscp_marking_rule | body | object |
A
dscp_marking_rule
object.
|
| dscp_mark (Optional) | body | integer | The DSCP mark value. |
| id | body | string | The ID of the QoS DSCP marking rule. |
| tags | body | array | The list of tags on the resource. |
{
"dscp_marking_rule "
:
{
"id "
:
"5f126d84-551a-4dcf-bb01-0e9c0df0c794 "
,
"dscp_mark "
:
26
}
}
Updates a DSCP marking rule for a QoS policy.
If the request is valid, the service returns the
Accepted
(202)
response code.
Normal response codes: 202
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| policy_id | path | string | The ID of the QoS policy. |
| dscp_rule_id | path | string | The ID of the DSCP rule. |
| dscp_marking_rule | body | object |
A
dscp_marking_rule
object.
|
| dscp_mark (Optional) | body | integer | The DSCP mark value. |
{
"dscp_marking_rule "
:
{
"dscp_mark "
:
"16 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| dscp_marking_rule | body | object |
A
dscp_marking_rule
object.
|
| dscp_mark | body | integer | The DSCP mark value. |
| id | body | string | The ID of the QoS DSCP marking rule. |
| tags | body | array | The list of tags on the resource. |
{
"dscp_marking_rule "
:
{
"id "
:
"5f126d84-551a-4dcf-bb01-0e9c0df0c794 "
,
"dscp_mark "
:
16
}
}
Deletes a DSCP marking rule for a QoS policy.
Normal response codes: 204
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| policy_id | path | string | The ID of the QoS policy. |
| dscp_rule_id | path | string | The ID of the DSCP rule. |
There is no body content for the response of a successful DELETE request.
Lists, creates, deletes, shows information for, and updates QoS minimum bandwidth rules.
Lists all minimum bandwidth rules for a QoS policy.
The list might be empty.
You can control which response parameters are returned by using the fields query parameter. For information, see Filtering and column selection .
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| policy_id | path | string | The ID of the QoS policy. |
| min_kbps (Optional) | query | integer | Filter the list result by the minimum KBPS (kilobits per second) value which should be available for port. |
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| direction (Optional) | query | string |
Filter the list result by the direction of the traffic to which the QoS
rule is applied. Valid values are
egress
and
ingress
.
|
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a minimum bandwidth rule attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| Name | In | Type | Description |
|---|---|---|---|
| minimum_bandwidth_rules | body | array |
A list of
minimum_bandwidth_rule
objects associated with
the QoS policy.
|
| min_kbps | body | integer | The minimum KBPS (kilobits per second) value which should be available for port. |
| id | body | string | The ID of the QoS minimum bandwidth rule. |
| direction | body | string |
The direction of the traffic to which the QoS
rule is applied, as seen from the point of view
of the
port
.
Valid values are
egress
and
ingress
.
Default value is
egress
.
|
| tags | body | array | The list of tags on the resource. |
{
"minimum_bandwidth_rules "
:
[
{
"id "
:
"1eddf7af-0b4c-42c5-8ae1-390b32f1de08 "
,
"min_kbps "
:
10000
,
"direction "
:
"egress "
}
]
}
Creates a minimum bandwidth rule for a QoS policy.
Normal response codes: 201
Error response codes: 400, 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| policy_id | path | string | The ID of the QoS policy. |
| minimum_bandwidth_rule | body | object |
A
minimum_bandwidth_rule
object.
|
| min_kbps | body | integer | The minimum KBPS (kilobits per second) value which should be available for port. |
| direction (Optional) | body | string |
The direction of the traffic to which the QoS
rule is applied, as seen from the point of view
of the
port
.
Valid values are
egress
and
ingress
.
Default value is
egress
.
|
{
"minimum_bandwidth_rule "
:
{
"min_kbps "
:
"10000 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| minimum_bandwidth_rule | body | object |
A
minimum_bandwidth_rule
object.
|
| min_kbps | body | integer | The minimum KBPS (kilobits per second) value which should be available for port. |
| id | body | string | The ID of the QoS minimum bandwidth rule. |
| direction | body | string |
The direction of the traffic to which the QoS
rule is applied, as seen from the point of view
of the
port
.
Valid values are
egress
and
ingress
.
Default value is
egress
.
|
| tags | body | array | The list of tags on the resource. |
{
"minimum_bandwidth_rule "
:
{
"id "
:
"1eddf7af-0b4c-42c5-8ae1-390b32f1de08 "
,
"min_kbps "
:
10000
,
"direction "
:
"egress "
}
}
Shows details for a minimum bandwidth rule for a QoS policy.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| policy_id | path | string | The ID of the QoS policy. |
| rule_id | path | string | The ID of the QoS rule. |
| Name | In | Type | Description |
|---|---|---|---|
| minimum_bandwidth_rule | body | object |
A
minimum_bandwidth_rule
object.
|
| min_kbps | body | integer | The minimum KBPS (kilobits per second) value which should be available for port. |
| id | body | string | The ID of the QoS minimum bandwidth rule. |
| direction | body | string |
The direction of the traffic to which the QoS
rule is applied, as seen from the point of view
of the
port
.
Valid values are
egress
and
ingress
.
Default value is
egress
.
|
| tags | body | array | The list of tags on the resource. |
{
"minimum_bandwidth_rule "
:
{
"id "
:
"1eddf7af-0b4c-42c5-8ae1-390b32f1de08 "
,
"min_kbps "
:
10000
,
"direction "
:
"egress "
}
}
Updates a minimum bandwidth rule for a QoS policy.
If the request is valid, the service returns the
Accepted
(202)
response code.
Normal response codes: 202
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| policy_id | path | string | The ID of the QoS policy. |
| rule_id | path | string | The ID of the QoS rule. |
| minimum_bandwidth_rule | body | object |
A
minimum_bandwidth_rule
object.
|
| min_kbps | body | integer | The minimum KBPS (kilobits per second) value which should be available for port. |
| direction (Optional) | body | string |
The direction of the traffic to which the QoS
rule is applied, as seen from the point of view
of the
port
.
Valid values are
egress
and
ingress
.
|
{
"minimum_bandwidth_rule "
:
{
"min_kbps "
:
"20000 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| minimum_bandwidth_rule | body | object |
A
minimum_bandwidth_rule
object.
|
| min_kbps | body | integer | The minimum KBPS (kilobits per second) value which should be available for port. |
| id | body | string | The ID of the QoS minimum bandwidth rule. |
| direction | body | string |
The direction of the traffic to which the QoS
rule is applied, as seen from the point of view
of the
port
.
Valid values are
egress
and
ingress
.
|
| tags | body | array | The list of tags on the resource. |
{
"minimum_bandwidth_rule "
:
{
"id "
:
"1eddf7af-0b4c-42c5-8ae1-390b32f1de08 "
,
"min_kbps "
:
20000
,
"direction "
:
"egress "
}
}
Deletes a minimum bandwidth rule for a QoS policy.
Normal response codes: 204
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| policy_id | path | string | The ID of the QoS policy. |
| rule_id | path | string | The ID of the QoS rule. |
There is no body content for the response of a successful DELETE request.
The purpose of this API extension is to enable callers to execute the requests to delete, show and update QoS rules without specifying the corresponding policy ID. Otherwise, these requests have the exact same behavior as their counterparts described in other parts of this documentation. The requests available in this API extension are:
Warning
Neutron-lbaas is deprecated as of Queens. Load-Balancer-as-a-Service (LBaaS v2) is now provided by the Octavia project . The Octavia API v2 is backwards compatible with the neutron-lbaas implementation of the LBaaS 2.0 API. Please see the FAQ: https://wiki.openstack.org/wiki/Neutron/LBaaS/Deprecation
The Load-Balancer-as-a-Service (LBaaS) version 2.0 extension pairs with the Networking 2.0 API to enable OpenStack projects to manage load balancers for their VMs. With this extension you can load-balance client traffic from one network to application services, such as VMs, on the same network.
Use this extension to create and manage load balancers, listeners, pools, members of a pool, and health monitors and view status of a resource.
Load balancer statuses
| Status | Description |
| ACTIVE | The resource is ready and active. |
| PENDING_CREATE | The resource is being created. |
| PENDING_UPDATE | The resource is being updated. |
| PENDING_DELETE | The resource is pending deletion. |
| INACTIVE | The resource is not active. |
| ERROR |
An object within the service is not working. The
error_details
attribute provides an explanation for the error, its cause, and
possibly a solution.
|
Lists all load balancers for the project.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
The list might be empty.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| loadbalancers | body | array | A list of load balancer objects. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| description | body | string | A human-readable description for the resource. |
| flavor | body | string | The ID of the flavor. |
| id | body | string | The ID of the load balancer. |
| listeners | body | array | The associated listeners, if any. |
| name | body | string | Human-readable name of the resource. |
| operating_status | body | string |
The operating status of the load balancer. This
value is
ONLINE
or
OFFLINE
.
|
| project_id | body | string | The ID of the project. |
| provider | body | string | Provider name of the load balancer service. |
| provisioning_status | body | string |
The provisioning status of the load balancer.
This value is
ACTIVE
,
PENDING_CREATE
or
ERROR
.
|
| tenant_id | body | string | The ID of the project. |
| vip_address | body | string | The IP address of the VIP . |
| vip_subnet_id (Optional) | body | string | The ID of the subnet on which to allocate the virtual IP (VIP) address. This option is required if no vip_network_id is given. |
| pools | body | array |
A list of
pool
objects.
|
{
"loadbalancers "
:
[
{
"description "
:
"simple lb "
,
"admin_state_up "
:
true
,
"project_id "
:
"1a3e005cf9ce40308c900bcb08e5320c "
,
"tenant_id "
:
"1a3e005cf9ce40308c900bcb08e5320c "
,
"provisioning_status "
:
"ACTIVE "
,
"listeners "
:
[],
"vip_address "
:
"10.0.0.2 "
,
"vip_subnet_id "
:
"013d3059-87a4-45a5-91e9-d721068ae0b2 "
,
"id "
:
"a9729389-6147-41a3-ab22-a24aed8692b2 "
,
"operating_status "
:
"ONLINE "
,
"name "
:
"loadbalancer1 "
,
"flavor "
:
"a7ae5d5a-d855-4f9a-b187-af66b53f4d04 "
,
"provider "
:
"sample-provider "
,
"pools "
:
[]
}
]
}
Creates a load balancer.
This operation provisions a new load balancer by using the configuration that you define in the request object. After the API validates the request and starts the provisioning process, the API returns a response object that contains a unique ID and the status of provisioning the load balancer.
In the response, the load balancer provisioning status is
ACTIVE
,
PENDING_CREATE
, or
ERROR
.
If the status is
PENDING_CREATE
, issue GET
/lbaas/loadbalancers/loadbalancer_id
to view the progress of
the provisioning operation. When the load balancer status changes
to
ACTIVE
, the load balancer is successfully provisioned and
operational for traffic handling.
If the API cannot fulfill the request due to insufficient data or
data that is not valid, the service returns the HTTP
Bad
Request
(400)
response code with information about the failure in the
response body. Validation errors require that you correct the error
and submit the request again.
You can configure all documented features of the load balancer at creation time by specifying the additional elements or attributes in the request.
Administrative users can specify a project ID that is different than their own to create load balancers for other projects.
Example: Create a load balancer
project_id
. Admin only. Required to create a load balancer for
another project.
vip_subnet_id
. The network on which to allocate the VIP
address for the load balancer. A project can only create load
balancer VIPs on networks that the policy authorizes, such as her
own networks or shared or provider networks.
Some attributes receive default values if you omit them from the request:
admin_state_up
. Default is
true
.
name
. Default is an empty string.
description
. Default is an empty string.
If you own the subnet where you want to create the load balancer
VIP, you can specify a
vip_address
attribute. If you omit the
vip_address
attribute from the payload, the LBaaS service
allocates a VIP address from the subnet of the load balancer VIP.
An optional
flavor
attribute can be passed to enable dynamic
selection of an appropriate provider if configured by the operator.
The basic selection algorithm chooses the provider in the first
service profile currently associated with flavor.
You can also specify the
provider
attribute when you create a
load balancer. You can set this attribute to any service provider
with a
LOADBALANCER
service type. Setting both a flavor and a
provider will result in a conflict error.
Finally,
vip_network_id
can be used in place of
vip_subnet_id
. When this option is used, the VIP port is
created on the given network using the default behavior. If
assigned multiple fixed IPs, an IPv4 addresses is chosen as the
VIP in preference to IPv6 addresses.
Normal response codes: 201
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| loadbalancer | body | object |
A
loadbalancer
object.
|
| admin_state_up (Optional) | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
Default is
true
.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| flavor (Optional) | body | string | The ID of the flavor. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| provider (Optional) | body | string | Provider name of the load balancer service. |
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| vip_address | body | string | The IP address of the VIP . |
| vip_subnet_id (Optional) | body | string | The ID of the subnet on which to allocate the virtual IP (VIP) address. This option is required if no vip_network_id is given. |
{
"loadbalancer "
:
{
"name "
:
"loadbalancer1 "
,
"description "
:
"simple lb "
,
"project_id "
:
"b7c1a69e88bf4b21a8148f787aef2081 "
,
"tenant_id "
:
"b7c1a69e88bf4b21a8148f787aef2081 "
,
"vip_subnet_id "
:
"013d3059-87a4-45a5-91e9-d721068ae0b2 "
,
"vip_address "
:
"10.0.0.4 "
,
"admin_state_up "
:
true
,
"flavor "
:
"a7ae5d5a-d855-4f9a-b187-af66b53f4d04 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| loadbalancer | body | object |
A
loadbalancer
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| description | body | string | A human-readable description for the resource. |
| flavor | body | string | The ID of the flavor. |
| id | body | string | The ID of the load balancer. |
| listeners | body | array | The associated listeners, if any. |
| name | body | string | Human-readable name of the resource. |
| operating_status | body | string |
The operating status of the load balancer. This
value is
ONLINE
or
OFFLINE
.
|
| project_id | body | string | The ID of the project. |
| provider | body | string | Provider name of the load balancer service. |
| provisioning_status | body | string |
The provisioning status of the load balancer.
This value is
ACTIVE
,
PENDING_CREATE
or
ERROR
.
|
| tenant_id | body | string | The ID of the project. |
| vip_address | body | string | The IP address of the VIP . |
| vip_network_id (Optional) | body | string | The ID of the network on which to allocate the virtual IP (VIP) address. This option is required if no vip_subnet_id is given. |
| vip_subnet_id (Optional) | body | string | The ID of the subnet on which to allocate the virtual IP (VIP) address. This option is required if no vip_network_id is given. |
| pools | body | array |
A list of
pool
objects.
|
{
"loadbalancer "
:
{
"admin_state_up "
:
true
,
"description "
:
"simple lb "
,
"id "
:
"a36c20d0-18e9-42ce-88fd-82a35977ee8c "
,
"listeners "
:
[],
"name "
:
"loadbalancer1 "
,
"operating_status "
:
"ONLINE "
,
"provisioning_status "
:
"ACTIVE "
,
"project_id "
:
"b7c1a69e88bf4b21a8148f787aef2081 "
,
"tenant_id "
:
"b7c1a69e88bf4b21a8148f787aef2081 "
,
"vip_address "
:
"10.0.0.4 "
,
"vip_subnet_id "
:
"013d3059-87a4-45a5-91e9-d721068ae0b2 "
,
"flavor "
:
"a7ae5d5a-d855-4f9a-b187-af66b53f4d04 "
,
"provider "
:
"sample_provider "
,
"pools "
:
[]
}
}
Shows details for a load balancer.
This operation returns a load balancer object, by ID. If you are
not an administrative user and the load balancer object does not
belong to your project, the service returns the HTTP
Forbidden
(403)
response code.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| loadbalancer_id | path | string | The ID of the load balancer. |
| Name | In | Type | Description |
|---|---|---|---|
| loadbalancer | body | object |
A
loadbalancer
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| description | body | string | A human-readable description for the resource. |
| id | body | string | The ID of the load balancer. |
| listeners | body | array | The associated listeners, if any. |
| name | body | string | Human-readable name of the resource. |
| operating_status | body | string |
The operating status of the load balancer. This
value is
ONLINE
or
OFFLINE
.
|
| project_id | body | string | The ID of the project. |
| provisioning_status | body | string |
The provisioning status of the load balancer.
This value is
ACTIVE
,
PENDING_CREATE
or
ERROR
.
|
| tenant_id | body | string | The ID of the project. |
| vip_address | body | string | The IP address of the VIP . |
| vip_subnet_id (Optional) | body | string | The ID of the subnet on which to allocate the virtual IP (VIP) address. This option is required if no vip_network_id is given. |
| pools | body | array |
A list of
pool
objects.
|
{
"loadbalancer "
:
{
"description "
:
"simple lb "
,
"admin_state_up "
:
true
,
"project_id "
:
"1a3e005cf9ce40308c900bcb08e5320c "
,
"tenant_id "
:
"1a3e005cf9ce40308c900bcb08e5320c "
,
"provisioning_status "
:
"ACTIVE "
,
"listeners "
:
[],
"vip_address "
:
"10.0.0.2 "
,
"vip_subnet_id "
:
"013d3059-87a4-45a5-91e9-d721068ae0b2 "
,
"id "
:
"a9729389-6147-41a3-ab22-a24aed8692b2 "
,
"operating_status "
:
"ONLINE "
,
"name "
:
"loadbalancer1 "
,
"pools "
:
[]
}
}
Updates a load balancer.
If the request is valid, the service returns the
Accepted
(202)
response code. To confirm the update, check that the load balancer
provisioning status is
ACTIVE
. If the status is
PENDING_UPDATE
, use a GET operation to poll the load balancer
object for changes.
This operation returns the updated load balancer object with the
ACTIVE
,
PENDING_UPDATE
, or
ERROR
provisioning status.
Normal response codes: 202
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| loadbalancer_id | path | string | The ID of the load balancer. |
| loadbalancer | body | object |
A
loadbalancer
object.
|
| admin_state_up (Optional) | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
Default is
true
.
|
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
{
"loadbalancer "
:
{
"admin_state_up "
:
false
,
"description "
:
"simple lb2 "
,
"name "
:
"loadbalancer2 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| loadbalancer | body | object |
A
loadbalancer
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| description | body | string | A human-readable description for the resource. |
| flavor | body | string | The ID of the flavor. |
| id | body | string | The ID of the load balancer. |
| listeners | body | array | The associated listeners, if any. |
| name | body | string | Human-readable name of the resource. |
| operating_status | body | string |
The operating status of the load balancer. This
value is
ONLINE
or
OFFLINE
.
|
| project_id | body | string | The ID of the project. |
| provider | body | string | Provider name of the load balancer service. |
| provisioning_status | body | string |
The provisioning status of the load balancer.
This value is
ACTIVE
,
PENDING_CREATE
or
ERROR
.
|
| tenant_id | body | string | The ID of the project. |
| vip_address | body | string | The IP address of the VIP . |
| vip_subnet_id (Optional) | body | string | The ID of the subnet on which to allocate the virtual IP (VIP) address. This option is required if no vip_network_id is given. |
| pools | body | array |
A list of
pool
objects.
|
{
"loadbalancer "
:
{
"admin_state_up "
:
false
,
"description "
:
"simple lb2 "
,
"id "
:
"a36c20d0-18e9-42ce-88fd-82a35977ee8c "
,
"listeners "
:
[],
"name "
:
"loadbalancer2 "
,
"operating_status "
:
"ONLINE "
,
"provisioning_status "
:
"PENDING_UPDATE "
,
"project_id "
:
"b7c1a69e88bf4b21a8148f787aef2081 "
,
"tenant_id "
:
"b7c1a69e88bf4b21a8148f787aef2081 "
,
"vip_address "
:
"10.0.0.4 "
,
"vip_subnet_id "
:
"013d3059-87a4-45a5-91e9-d721068ae0b2 "
,
"flavor "
:
"a7ae5d5a-d855-4f9a-b187-af66b53f4d04 "
,
"provider "
:
"sample_provider "
,
"pools "
:
[]
}
}
Removes a load balancer and its associated configuration from the project.
The API immediately purges any and all configuration data. You cannot recover it.
Example: Delete a load balancer
Normal response codes: 204
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| loadbalancer_id | path | string | The ID of the load balancer. |
There is no body content for the response of a successful DELETE request.
Shows the status tree for a load balancer.
This operation returns a status tree for a load balancer object, by
load balancer ID. If you are not an administrative user and the
load balancer object does not belong to the project, the API
returns the
Forbidden
(403)
response code.
If the operation succeeds, the returned element is a status tree that contains the load balancer and all provisioning and operating statuses for its children.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| loadbalancer_id | path | string | The ID of the load balancer. |
| Name | In | Type | Description |
|---|---|---|---|
| statuses | body | object | The status tree of a load balancer object contains all provisioning and operating statuses for its children. |
| loadbalancer | body | object |
A
loadbalancer
object.
|
| listeners | body | array | The associated listeners, if any. |
| pools | body | array | List of pools that are associated with the health monitor. |
| healthmonitor | body | object |
A
healthmonitor
object.
|
| id | body | string | The ID of the load balancer. |
| members | body | array | The list of members that belong to the pool. |
| operating_status | body | string |
The operating status of the load balancer. This
value is
ONLINE
or
OFFLINE
.
|
| provisioning_status | body | string |
The provisioning status of the load balancer.
This value is
ACTIVE
,
PENDING_CREATE
or
ERROR
.
|
{
"statuses "
:
{
"loadbalancer "
:
{
"name "
:
"lb1 "
,
"listeners "
:
[
{
"pools "
:
[
{
"name "
:
"pool1 "
,
"provisioning_status "
:
"ACTIVE "
,
"healthmonitor "
:
{
"type "
:
"HTTP "
,
"id "
:
"90f7c765-0bc9-47c4-8513-4cc0c264c8f8 "
,
"provisioning_status "
:
"ACTIVE "
},
"members "
:
[
{
"address "
:
"10.0.0.4 "
,
"protocol_port "
:
80
,
"id "
:
"32723bee-2484-4de3-b6fc-c0b98d35fc84 "
,
"operating_status "
:
"ONLINE "
,
"provisioning_status "
:
"ACTIVE "
},
{
"address "
:
"10.0.0.3 "
,
"protocol_port "
:
80
,
"id "
:
"173b8164-0c9a-43ec-ab33-4ae0e7a8f863 "
,
"operating_status "
:
"ONLINE "
,
"provisioning_status "
:
"ACTIVE "
}
],
"id "
:
"ae6f93b8-a3f6-46cd-bb18-c2ab0308abf7 "
,
"operating_status "
:
"ONLINE "
}
],
"name "
:
"listener1 "
,
"id "
:
"c2a41fbe-b70a-4645-bb11-4d3c28f23a25 "
,
"operating_status "
:
"ONLINE "
,
"provisioning_status "
:
"ACTIVE "
}
],
"id "
:
"a4c19566-6f81-4c96-ac11-33954a9825a2 "
,
"operating_status "
:
"ONLINE "
,
"provisioning_status "
:
"ACTIVE "
}
}
}
Lists all listeners.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
This operation lists all listeners that are associated with your project.
The list might be empty.
Example: List listeners
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| listeners | body | array |
A list of
listeners
objects.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| connection_limit | body | integer |
The maximum number of connections allowed for the
VIP. Value is
-1
if the limit is not set. Default
is infinite.
|
| default_pool_id | body | string | The ID of default pool. Must have compatible protocol with listener. |
| default_tls_container_ref | body | string | A reference to a container of TLS secrets. |
| description | body | string | A human-readable description for the resource. |
| id | body | string | The ID of the listener. |
| loadbalancers | body | array | A list of load balancer objects. |
| name | body | string | Human-readable name of the resource. |
| project_id | body | string | The ID of the project. |
| protocol | body | string |
The IP protocol. Valid value is
icmp
,
tcp
,
udp
, or
null
. No default.
|
| protocol_port | body | integer | The TCP or UDP port on which to listen. |
| sni_container_refs | body | array | A list of references to TLS secrets. |
| tenant_id | body | string | The ID of the project. |
{
"listeners "
:
[
{
"admin_state_up "
:
true
,
"connection_limit "
:
100
,
"default_pool_id "
:
null
,
"description "
:
""
,
"id "
:
"35cb8516-1173-4035-8dae-0dae3453f37f "
,
"loadbalancers "
:
[
{
"id "
:
"a9729389-6147-41a3-ab22-a24aed8692b2 "
}
],
"name "
:
""
,
"protocol "
:
"HTTP "
,
"protocol_port "
:
80
,
"project_id "
:
"3e4d8bec50a845fcb09e03a4375c691d "
,
"tenant_id "
:
"3e4d8bec50a845fcb09e03a4375c691d "
,
"default_tls_container_ref "
:
"https://barbican.endpoint/containers/a36c20d0-18e9-42ce-88fd-82a35977ee8c "
,
"sni_container_refs "
:
[
"https://barbican.endpoint/containers/b36c20d0-18e9-42ce-88fd-82a35977ee8d "
,
"https://barbican.endpoint/containers/c36c20d0-18e9-42ce-88fd-82a35977ee8e "
]
}
]
}
Creates a listener.
This operation provisions a new listener by using the configuration that you define in the request object. After the request is validated and the provisioning process begins, a response object is returned. The object contains a unique identifier.
At a minimum, you must specify these listener attributes:
project_id
. Admin only. Required to create a listener for
another project.
loadbalancer_id
. The load balancer on which to provision this
listener. A project can only create listeners on load balancers
that the policy authorizes. For example, her own load balancers.
description
. The load balancer description.
protocol
. The protocol for which the front end listens. Must
be
HTTP
,
HTTPS
,
TCP
, or
TERMINATED_HTTPS
.
protocol_port
. The port on which the front end listens. Must
be an integer from 1 to 65535.
Some attributes receive default values if you omit them from the request:
default_tls_container_ref
. The reference to a container that
holds TLS secrets. If you also specify
sni_container_refs
,
this container is the default. This parameter is required for the
TERMINATED_HTTPS
protocol.
sni_container_refs
. A list of references to containers that
hold TLS secrets for server name indication (SNI). This parameter
is required for the
TERMINATED_HTTPS
protocol.
admin_state_up
. Default is
true
.
name
. Default is an empty string.
description
. Default is an empty string.
connection_limit
. Default is
-1
, which indicates an
infinite limit.
If the API cannot fulfill the request due to insufficient data or
data that is not valid, the service returns the HTTP
Bad
Request
(400)
response code with information about the failure in the
response body. Validation errors require that you correct the error
and submit the request again.
You can configure all documented features of the listener at creation time by specifying the additional elements or attributes in the request.
Administrative users can specify a project ID that is different than their own to create listeners for other projects.
To update a listener, the load balancer to which to attach must
have an
ACTIVE
provisioning status.
Normal response codes: 201
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| listener | body | object |
A
listener
object.
|
| admin_state_up (Optional) | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
Default is
true
.
|
| connection_limit (Optional) | body | integer | The maximum number of connections permitted for this load balancer. Default is infinite. |
| default_pool_id (Optional) | body | string | The ID of default pool. Must have compatible protocol with listener. |
| default_tls_container_ref (Optional) | body | string | A reference to a container of TLS secrets. |
| description | body | string | A human-readable description for the resource. |
| loadbalancer_id | body | string | The ID of the load balancer. |
| name | body | string | Human-readable name of the resource. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| protocol | body | string |
The IP protocol. Valid value is
icmp
,
tcp
,
udp
, or
null
. No default.
|
| protocol_port | body | integer | The TCP or UDP port on which to listen. |
| sni_container_refs (Optional) | body | array | A list of references to TLS secrets. |
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
{
"listener "
:
{
"admin_state_up "
:
true
,
"connection_limit "
:
100
,
"description "
:
"listener one "
,
"loadbalancer_id "
:
"a36c20d0-18e9-42ce-88fd-82a35977ee8c "
,
"name "
:
"listener1 "
,
"protocol "
:
"HTTP "
,
"protocol_port "
:
80
,
"default_tls_container_ref "
:
"https://barbican.endpoint/containers/a36c20d0-18e9-42ce-88fd-82a35977ee8c "
,
"sni_container_refs "
:
[
"https://barbican.endpoint/containers/b36c20d0-18e9-42ce-88fd-82a35977ee8d "
,
"https://barbican.endpoint/containers/c36c20d0-18e9-42ce-88fd-82a35977ee8e "
]
}
}
| Name | In | Type | Description |
|---|---|---|---|
| listener | body | object |
A
listener
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| connection_limit | body | integer |
The maximum number of connections allowed for the
VIP. Value is
-1
if the limit is not set. Default
is infinite.
|
| default_pool_id | body | string | The ID of default pool. Must have compatible protocol with listener. |
| default_tls_container_ref | body | string | A reference to a container of TLS secrets. |
| description | body | string | A human-readable description for the resource. |
| id | body | string | The ID of the listener. |
| loadbalancers | body | array | A list of load balancer objects. |
| name | body | string | Human-readable name of the resource. |
| project_id | body | string | The ID of the project. |
| protocol | body | string |
The IP protocol. Valid value is
icmp
,
tcp
,
udp
, or
null
. No default.
|
| protocol_port | body | integer | The TCP or UDP port on which to listen. |
| sni_container_refs | body | array | A list of references to TLS secrets. |
| tenant_id | body | string | The ID of the project. |
{
"listener "
:
{
"admin_state_up "
:
true
,
"connection_limit "
:
100
,
"default_pool_id "
:
null
,
"description "
:
"listener one "
,
"id "
:
"39de4d56-d663-46e5-85a1-5b9d5fa17829 "
,
"loadbalancers "
:
[
{
"id "
:
"a36c20d0-18e9-42ce-88fd-82a35977ee8c "
}
],
"name "
:
"listener1 "
,
"protocol "
:
"HTTP "
,
"protocol_port "
:
80
,
"project_id "
:
"1a3e005cf9ce40308c900bcb08e5320c "
,
"tenant_id "
:
"1a3e005cf9ce40308c900bcb08e5320c "
,
"default_tls_container_ref "
:
"https://barbican.endpoint/containers/a36c20d0-18e9-42ce-88fd-82a35977ee8c "
,
"sni_container_refs "
:
[
"https://barbican.endpoint/containers/b36c20d0-18e9-42ce-88fd-82a35977ee8d "
,
"https://barbican.endpoint/containers/c36c20d0-18e9-42ce-88fd-82a35977ee8e "
]
}
}
Shows details for a listener.
This operation returns a listener object, by ID. If you are not an
administrative user and the listener object does not belong to your
account, the API returns the HTTP
Forbidden
(403)
response
code.
Example: Show listener details
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| listener_id | path | string | The ID of the listener. |
| Name | In | Type | Description |
|---|---|---|---|
| listener | body | object |
A
listener
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| connection_limit | body | integer |
The maximum number of connections allowed for the
VIP. Value is
-1
if the limit is not set. Default
is infinite.
|
| id | body | string | The ID of the listener. |
| default_pool_id | body | string | The ID of default pool. Must have compatible protocol with listener. |
| default_tls_container_ref | body | string | A reference to a container of TLS secrets. |
| description | body | string | A human-readable description for the resource. |
| loadbalancers | body | array | A list of load balancer objects. |
| name | body | string | Human-readable name of the resource. |
| project_id | body | string | The ID of the project. |
| protocol | body | string |
The IP protocol. Valid value is
icmp
,
tcp
,
udp
, or
null
. No default.
|
| protocol_port | body | integer | The TCP or UDP port on which to listen. |
| sni_container_refs | body | array | A list of references to TLS secrets. |
| tenant_id | body | string | The ID of the project. |
{
"listener "
:
{
"admin_state_up "
:
true
,
"connection_limit "
:
100
,
"default_pool_id "
:
null
,
"description "
:
""
,
"id "
:
"35cb8516-1173-4035-8dae-0dae3453f37f "
,
"loadbalancers "
:
[
{
"id "
:
"a9729389-6147-41a3-ab22-a24aed8692b2 "
}
],
"name "
:
""
,
"protocol "
:
"HTTP "
,
"protocol_port "
:
80
,
"project_id "
:
"3e4d8bec50a845fcb09e03a4375c691d "
,
"tenant_id "
:
"3e4d8bec50a845fcb09e03a4375c691d "
,
"default_tls_container_ref "
:
"https://barbican.endpoint/containers/a36c20d0-18e9-42ce-88fd-82a35977ee8c "
,
"sni_container_refs "
:
[
"https://barbican.endpoint/containers/b36c20d0-18e9-42ce-88fd-82a35977ee8d "
,
"https://barbican.endpoint/containers/c36c20d0-18e9-42ce-88fd-82a35977ee8e "
]
}
}
Updates a listener.
This operation updates the attributes of a listener. Upon
successful validation of the request, the service returns the HTTP
Accepted
(202)
response code.
Note: You cannot update the
listener_id
,
project_id
,
loadbalancer_id
,
loadbalancers
,
default_pool_id
,
protocol
, and
protocol_port
attributes. Attempting to
update an immutable attribute results in the HTTP
Immutable
(422)
response code.
Note: You cannot update a listener if the load balancer to which
the listener is attached does not have an
ACTIVE
provisioning
status.
Normal response codes: 202
Error response codes: 401, 404, 422
| Name | In | Type | Description |
|---|---|---|---|
| listener_id | path | string | The ID of the listener. |
| listener | body | object |
A
listener
object.
|
| admin_state_up (Optional) | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
Default is
true
.
|
| connection_limit (Optional) | body | integer | The maximum number of connections permitted for this load balancer. Default is infinite. |
| default_tls_container_ref (Optional) | body | string | A reference to a container of TLS secrets. |
| description | body | string | A human-readable description for the resource. |
| name | body | string | Human-readable name of the resource. |
| sni_container_refs (Optional) | body | array | A list of references to TLS secrets. |
{
"listener "
:
{
"admin_state_up "
:
false
,
"connection_limit "
:
200
,
"description "
:
"listener two "
,
"name "
:
"listener2 "
,
"default_tls_container_ref "
:
"https://barbican.endpoint/containers/a36c20d0-18e9-42ce-88fd-82a35977ee8c "
,
"sni_container_refs "
:
[
"https://barbican.endpoint/containers/b36c20d0-18e9-42ce-88fd-82a35977ee8d "
,
"https://barbican.endpoint/containers/c36c20d0-18e9-42ce-88fd-82a35977ee8e "
]
}
}
| Name | In | Type | Description |
|---|---|---|---|
| listener | body | object |
A
listener
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| connection_limit | body | integer |
The maximum number of connections allowed for the
VIP. Value is
-1
if the limit is not set. Default
is infinite.
|
| default_pool_id | body | string | The ID of default pool. Must have compatible protocol with listener. |
| default_tls_container_ref | body | string | A reference to a container of TLS secrets. |
| description | body | string | A human-readable description for the resource. |
| id | body | string | The ID of the listener. |
| loadbalancers | body | array | A list of load balancer objects. |
| name | body | string | Human-readable name of the resource. |
| project_id | body | string | The ID of the project. |
| protocol | body | string |
The IP protocol. Valid value is
icmp
,
tcp
,
udp
, or
null
. No default.
|
| protocol_port | body | integer | The TCP or UDP port on which to listen. |
| sni_container_refs | body | array | A list of references to TLS secrets. |
| tenant_id | body | string | The ID of the project. |
{
"listener "
:
{
"admin_state_up "
:
false
,
"connection_limit "
:
200
,
"default_pool_id "
:
null
,
"description "
:
"listener two "
,
"id "
:
"39de4d56-d663-46e5-85a1-5b9d5fa17829 "
,
"loadbalancers "
:
[
{
"id "
:
"a36c20d0-18e9-42ce-88fd-82a35977ee8c "
}
],
"name "
:
"listener2 "
,
"protocol "
:
"HTTP "
,
"protocol_port "
:
80
,
"project_id "
:
"1a3e005cf9ce40308c900bcb08e5320c "
,
"tenant_id "
:
"1a3e005cf9ce40308c900bcb08e5320c "
,
"default_tls_container_ref "
:
"https://barbican.endpoint/containers/a36c20d0-18e9-42ce-88fd-82a35977ee8c "
,
"sni_container_refs "
:
[
"https://barbican.endpoint/containers/b36c20d0-18e9-42ce-88fd-82a35977ee8d "
,
"https://barbican.endpoint/containers/c36c20d0-18e9-42ce-88fd-82a35977ee8e "
]
}
}
Removes a listener.
This operation removes a listener and its associated configuration from the project. The API immediately purges any and all configuration data. You cannot recover it.
You cannot delete a listener if the load balancer to which it is
attached does not have an
ACTIVE
provisioning status.
Example: Delete a listener
Normal response codes: 204
Error response codes: 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| listener_id | path | string | The ID of the listener. |
There is no body content for the response of a successful DELETE request.
Lists all pools that are associated with your project.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
The list might be empty.
Example: List pools
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| pools | body | array |
A list of
pool
objects.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| description | body | string | A human-readable description for the resource. |
| listeners | body | array | The associated listeners, if any. |
| session_persistence | body | object |
A JSON object specifying the session persistence for the pool
or
null
for no session persistence. Default is
null
.
|
| healthmonitor_id (Optional) | body | string | The UUID of the health monitor. |
| id | body | string | The ID of the pool. |
| lb_algorithm | body | string |
The load-balancer algorithm, which is round-robin
(
ROUND_ROBIN
), least-connections (
LEAST_CONNECTIONS
),
source IP (
SOURCE_IP
), and so on, that is used to distribute
traffic to the pool members. This value, which must be supported,
is dependent on the load-balancer provider. The round-robin
algorithm must be supported.
|
| members | body | array | The list of members that belong to the pool. |
| name | body | string | Human-readable name of the resource. |
| project_id | body | string | The ID of the project. |
| protocol | body | string |
The IP protocol. Valid value is
icmp
,
tcp
,
udp
, or
null
. No default.
|
| tenant_id | body | string | The ID of the project. |
{
"pools "
:
[
{
"lb_algorithm "
:
"ROUND_ROBIN "
,
"protocol "
:
"HTTP "
,
"description "
:
""
,
"healthmonitor_id "
:
"b7633ade-24dc-4d72-8475-06aa22be5412 "
,
"session_persistence "
:
{
"cookie_name "
:
null
,
"type "
:
"SOURCE_IP "
},
"listeners "
:
[
{
"id "
:
"023f2e34-7806-443b-bfae-16c324569a3d "
}
],
"members "
:
[
"cf024846-7516-4e3a-b0fb-6590322c836f "
],
"id "
:
"5a9a3e9e-d1aa-448e-af37-a70171f2a332 "
,
"name "
:
"pool1 "
,
"admin_state_up "
:
true
,
"project_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
,
"tenant_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
}
]
}
Creates a pool.
This operation provisions a pool by using the configuration that you define in the request object. After the API validates the request and starts the provisioning process, the API returns a response object, which contains a unique ID.
At a minimum, you must specify these pool attributes:
project_id
. Admin only. Required to create a pool for another
project.
protocol
. The protocol for which this pool and its members
listen. A valid value is
TCP
,
HTTP
, or
HTTPS
.
lb_algorithm
. The load-balancer algorithm, such as
ROUND_ROBIN
,
LEAST_CONNECTIONS
, and
SOURCE_IP
, that
distributes traffic to the pool members. The load-balancer
provider must support this algorithm.
listener_id
. The ID of the listener in which this pool
becomes the default pool. Each listener has only one default
pool.
Some attributes receive default values if you omit them from the request:
admin_state_up
. Default is
true
.
name
. Default is an empty string.
description
. Default is an empty string.
session_persistence
. Default is an empty dictionary.
If the API cannot fulfill the request due to insufficient data or
data that is not valid, the service returns the HTTP
Bad
Request
(400)
response code with information about the failure in the
response body. Validation errors require that you correct the error
and submit the request again.
Users can configure all documented features at creation time by providing the additional elements or attributes in the request.
Administrative users can specify a project ID that is different than their own to create pools for other projects.
To update a pool, the load balancer to which to attach must have an
ACTIVE
provisioning status.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| pool | body | object |
A
pool
object.
|
| admin_state_up (Optional) | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
Default is
true
.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| lb_algorithm | body | string |
The load-balancer algorithm, which is round-robin
(
ROUND_ROBIN
), least-connections (
LEAST_CONNECTIONS
),
source IP (
SOURCE_IP
), and so on, that is used to distribute
traffic to the pool members. This value, which must be supported,
is dependent on the load-balancer provider. The round-robin
algorithm must be supported.
|
| listener_id | body | string | The ID of the listener. |
| session_persistence (Optional) | body | object |
A JSON object specifying the session persistence for the pool
or
null
for no session persistence. Default is
null
.
|
| name | body | string | Human-readable name of the resource. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| protocol | body | string |
The IP protocol can be represented by a string, an integer, or
null
.
Valid string or integer values are
any
or
0
,
ah
or
51
,
dccp
or
33
,
egp
or
8
,
esp
or
50
,
gre
or
47
,
icmp
or
1
,
icmpv6
or
58
,
igmp
or
2
,
ipip
or
4
,
ipv6-encap
or
41
,
ipv6-frag
or
44
,
ipv6-icmp
or
58
,
ipv6-nonxt
or
59
,
ipv6-opts
or
60
,
ipv6-route
or
43
,
ospf
or
89
,
pgm
or
113
,
rsvp
or
46
,
sctp
or
132
,
tcp
or
6
,
udp
or
17
,
udplite
or
136
,
vrrp
or
112
. Additionally, any integer value between [0-255] is
also valid. The string
any
(or integer
0
) means
all
IP
protocols. See the constants in
neutron_lib.constants
for the most
up-to-date list of supported strings.
|
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
{
"pool "
:
{
"admin_state_up "
:
true
,
"description "
:
"simple pool "
,
"lb_algorithm "
:
"ROUND_ROBIN "
,
"session_persistence "
:
{
"cookie_name "
:
"Cookie "
,
"type "
:
"APP_COOKIE "
},
"name "
:
"my-pool "
,
"protocol "
:
"HTTP "
,
"listener_id "
:
"39de4d56-d663-46e5-85a1-5b9d5fa17829 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| pool | body | object |
A
pool
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| description | body | string | A human-readable description for the resource. |
| healthmonitor_id (Optional) | body | string | The UUID of the health monitor. |
| id | body | string | The ID of the pool. |
| lb_algorithm | body | string |
The load-balancer algorithm, which is round-robin
(
ROUND_ROBIN
), least-connections (
LEAST_CONNECTIONS
),
source IP (
SOURCE_IP
), and so on, that is used to distribute
traffic to the pool members. This value, which must be supported,
is dependent on the load-balancer provider. The round-robin
algorithm must be supported.
|
| listeners | body | array | The associated listeners, if any. |
| session_persistence | body | object |
A JSON object specifying the session persistence for the pool
or
null
for no session persistence. Default is
null
.
|
| members | body | array | The list of members that belong to the pool. |
| name | body | string | Human-readable name of the resource. |
| project_id | body | string | The ID of the project. |
| protocol | body | string |
The IP protocol. Valid value is
icmp
,
tcp
,
udp
, or
null
. No default.
|
| tenant_id | body | string | The ID of the project. |
{
"pool "
:
{
"lb_algorithm "
:
"ROUND_ROBIN "
,
"protocol "
:
"HTTP "
,
"description "
:
"simple pool "
,
"healthmonitor_id "
:
null
,
"members "
:
[],
"session_persistence "
:
{
"cookie_name "
:
"Cookie "
,
"type "
:
"APP_COOKIE "
},
"listeners "
:
[
{
"id "
:
"39de4d56-d663-46e5-85a1-5b9d5fa17829 "
}
],
"id "
:
"af95e0ce-8a26-4f29-9524-db41e7769c73 "
,
"name "
:
"my-pool "
,
"admin_state_up "
:
true
,
"project_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
,
"tenant_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
}
}
Shows details for a pool.
This operation shows details for a pool, by ID. If you are not an
administrative user and the pool object does not belong to your
project, the call returns the HTTP
Forbidden
(403)
response code.
If this operation succeeds, it returns a
pool
element.
Example: Show pool details
Normal response codes: 200
Error response codes: 403
| Name | In | Type | Description |
|---|---|---|---|
| pool_id | path | string | The ID for the pool. |
| Name | In | Type | Description |
|---|---|---|---|
| pool | body | object |
A
pool
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| description | body | string | A human-readable description for the resource. |
| healthmonitor_id (Optional) | body | string | The UUID of the health monitor. |
| lb_algorithm | body | string |
The load-balancer algorithm, which is round-robin
(
ROUND_ROBIN
), least-connections (
LEAST_CONNECTIONS
),
source IP (
SOURCE_IP
), and so on, that is used to distribute
traffic to the pool members. This value, which must be supported,
is dependent on the load-balancer provider. The round-robin
algorithm must be supported.
|
| listeners | body | array | The associated listeners, if any. |
| session_persistence | body | object |
A JSON object specifying the session persistence for the pool
or
null
for no session persistence. Default is
null
.
|
| members | body | array | The list of members that belong to the pool. |
| id | body | string | The ID of the pool. |
| name | body | string | Human-readable name of the resource. |
| project_id | body | string | The ID of the project. |
| protocol | body | string |
The IP protocol. Valid value is
icmp
,
tcp
,
udp
, or
null
. No default.
|
| tenant_id | body | string | The ID of the project. |
{
"pool "
:
{
"lb_algorithm "
:
"ROUND_ROBIN "
,
"protocol "
:
"HTTP "
,
"description "
:
""
,
"healthmonitor_id "
:
"b7633ade-24dc-4d72-8475-06aa22be5412 "
,
"members "
:
[
"cf024846-7516-4e3a-b0fb-6590322c836f "
],
"session_persistence "
:
{
"cookie_name "
:
"Cookie1 "
,
"type "
:
"APP_COOKIE "
},
"listeners "
:
[
{
"id "
:
"023f2e34-7806-443b-bfae-16c324569a3d "
}
],
"id "
:
"5a9a3e9e-d1aa-448e-af37-a70171f2a332 "
,
"name "
:
"pool1 "
,
"admin_state_up "
:
true
,
"project_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
,
"tenant_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
}
}
Updates a pool.
This operation updates the attributes of a pool. Upon successful
validation of the request, the service returns the HTTP
Accepted
(202)
response code.
Note: You cannot update the pool ID,
project_id
,
listener_id
,
listeners
,
healthmonitor_id
,
protocol
, and
members
immutable attributes. If you try to
update any of these attributes, the service returns the HTTP
Immutable
(422)
response code .
Note: You cannot update a pool if the load balancer to which it is
attached does not have an
ACTIVE
provisioning status.
Normal response codes: 202
Error response codes: 401, 404, 422
| Name | In | Type | Description |
|---|---|---|---|
| pool_id | path | string | The ID for the pool. |
| pool | body | object |
A
pool
object.
|
| admin_state_up (Optional) | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
Default is
true
.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| lb_algorithm | body | string |
The load-balancer algorithm, which is round-robin
(
ROUND_ROBIN
), least-connections (
LEAST_CONNECTIONS
),
source IP (
SOURCE_IP
), and so on, that is used to distribute
traffic to the pool members. This value, which must be supported,
is dependent on the load-balancer provider. The round-robin
algorithm must be supported.
|
| name | body | string | Human-readable name of the resource. |
| session_persistence (Optional) | body | object |
A JSON object specifying the session persistence for the pool
or
null
for no session persistence. Default is
null
.
|
{
"pool "
:
{
"name "
:
"SuperPool "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| pool | body | object |
A
pool
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| description | body | string | A human-readable description for the resource. |
| healthmonitor_id (Optional) | body | string | The UUID of the health monitor. |
| id | body | string | The ID of the pool. |
| lb_algorithm | body | string |
The load-balancer algorithm, which is round-robin
(
ROUND_ROBIN
), least-connections (
LEAST_CONNECTIONS
),
source IP (
SOURCE_IP
), and so on, that is used to distribute
traffic to the pool members. This value, which must be supported,
is dependent on the load-balancer provider. The round-robin
algorithm must be supported.
|
| listeners | body | array | The associated listeners, if any. |
| session_persistence | body | object |
A JSON object specifying the session persistence for the pool
or
null
for no session persistence. Default is
null
.
|
| members | body | array | The list of members that belong to the pool. |
| name | body | string | Human-readable name of the resource. |
| project_id | body | string | The ID of the project. |
| protocol | body | string |
The IP protocol. Valid value is
icmp
,
tcp
,
udp
, or
null
. No default.
|
| tenant_id | body | string | The ID of the project. |
{
"pool "
:
{
"lb_algorithm "
:
"ROUND_ROBIN "
,
"protocol "
:
"HTTP "
,
"description "
:
""
,
"healthmonitor_id "
:
"b7633ade-24dc-4d72-8475-06aa22be5412 "
,
"members "
:
[
"cf024846-7516-4e3a-b0fb-6590322c836f "
],
"session_persistence "
:
{
"cookie_name "
:
null
,
"type "
:
"SOURCE_IP "
},
"listeners "
:
[
{
"id "
:
"023f2e34-7806-443b-bfae-16c324569a3d "
}
],
"id "
:
"5a9a3e9e-d1aa-448e-af37-a70171f2a332 "
,
"name "
:
"SuperPool "
,
"admin_state_up "
:
true
,
"project_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
,
"tenant_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
}
}
Removes a pool.
This operation removes a pool and its associated configuration from the project. The API immediately purges any and all configuration data. You cannot recover it.
You cannot delete a pool if the load balancer to which it is
attached does not have an
ACTIVE
provisioning status.
Normal response codes: 204
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| pool_id | path | string | The ID for the pool. |
There is no body content for the response of a successful DELETE request.
Lists members of a pool.
Lists all members that are associated with a pool that is
associated with your project. The list of members includes
only members that belong to the pool object identified by
pool_id
.
The list might be empty.
Example: List pool members
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| pool_id | path | string | The ID for the pool. |
| Name | In | Type | Description |
|---|---|---|---|
| members | body | array | The list of members that belong to the pool. |
| address | body | string | The IP address of the member. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| id | body | string | The ID of the member. |
| project_id | body | string | The ID of the project. |
| protocol_port | body | integer | The TCP or UDP port on which to listen. |
| subnet_id | body | string | The subnet on which the members of the pool will be located. |
| tenant_id | body | string | The ID of the project. |
| weight | body | integer | The weight of a member determines the portion of requests or connections it services compared to the other members of the pool. For example, a member with a weight of 10 receives five times as much traffic as a member with a weight of 2. A value of 0 means the member does not participate in load- balancing but still accepts persistent connections. A valid value is from 0 to 256. |
{
"members "
:
[
{
"address "
:
"10.0.0.8 "
,
"admin_state_up "
:
true
,
"id "
:
"9a7aff27-fd41-4ec1-ba4c-3eb92c629313 "
,
"protocol_port "
:
80
,
"subnet_id "
:
"013d3059-87a4-45a5-91e9-d721068ae0b2 "
,
"project_id "
:
"1a3e005cf9ce40308c900bcb08e5320c "
,
"tenant_id "
:
"1a3e005cf9ce40308c900bcb08e5320c "
,
"weight "
:
1
}
]
}
Adds a member to a pool.
This operation provisions a member and adds it to a pool by using the configuration that you define in the request object. After the API validates the request and starts the provisioning process, it returns a response object, which contains a unique ID.
At a minimum, you must specify these pool attributes:
project_id
. Admin only. Required to create a pool for another
project.
address
. The IP address of the member to receive traffic from
the load balancer.
protocol_port
The port on which the member listens for
traffic.
Some attributes receive default values if you omit them from the request:
admin_state_up
. Default is
true
.
weight
. Default is
1
.
If you omit the
subnet_id
parameter, LBaaS uses the
vip_subnet_id
parameter value for the subnet UUID.
If the request fails due to incorrect data, the service returns the
HTTP
Bad
Request
(400)
response code with information about the
failure in the response body. Validation errors require that you
correct the error and submit the request again.
To configure all documented member features at creation time, specify additional elements or attributes in the request.
Administrative users can specify a project ID that is different than their own to create members for other projects.
To update a member, the load balancer must have an
ACTIVE
provisioning status.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| pool_id | path | string | The ID for the pool. |
| address | body | string | The IP address of the member. |
| member | body | object |
A
member
object.
|
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| protocol_port | body | integer | The TCP or UDP port on which to listen. |
| subnet_id (Optional) | body | string |
If you omit this parameter, LBaaS uses the
vip_subnet_id
parameter value for the subnet UUID.
|
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
{
"member "
:
{
"address "
:
"10.0.0.22 "
,
"admin_state_up "
:
true
,
"protocol_port "
:
"90 "
,
"pool_id "
:
"5a9a3e9e-d1aa-448e-af37-a70171f2a332 "
,
"weight "
:
"1 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| member | body | object |
A
member
object.
|
| address | body | string | The IP address of the member. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| id | body | string | The ID of the member. |
| project_id | body | string | The ID of the project. |
| protocol_port | body | integer | The TCP or UDP port on which to listen. |
| subnet_id | body | string | The subnet on which the members of the pool will be located. |
| tenant_id | body | string | The ID of the project. |
| weight | body | integer | The weight of a member determines the portion of requests or connections it services compared to the other members of the pool. For example, a member with a weight of 10 receives five times as much traffic as a member with a weight of 2. A value of 0 means the member does not participate in load- balancing but still accepts persistent connections. A valid value is from 0 to 256. |
{
"member "
:
{
"admin_state_up "
:
true
,
"weight "
:
1
,
"address "
:
"10.0.1.22 "
,
"project_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
,
"tenant_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
,
"protocol_port "
:
90
,
"id "
:
"cf024846-7516-4e3a-b0fb-6590322c836f "
,
"subnet_id "
:
"5a9a3e9e-d1aa-448e-af37-a70171f2a332 "
}
}
Shows details for a pool member.
This operation returns a member object identified by
member_id
that belongs to a pool object identified by
pool_id
. If you are
not an administrative user and the pool or member object does not
belong to your project, the service returns the HTTP
Forbidden
(403)
response code.
If this operation succeeds, it returns a pool element.
Example: Show pool member details
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| pool_id | path | string | The ID for the pool. |
| member_id | path | string | The ID for the member. |
| Name | In | Type | Description |
|---|---|---|---|
| member | body | object |
A
member
object.
|
| address | body | string | The IP address of the member. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| id | body | string | The ID of the member. |
| project_id | body | string | The ID of the project. |
| protocol_port | body | integer | The TCP or UDP port on which to listen. |
| subnet_id | body | string | The subnet on which the members of the pool will be located. |
| tenant_id | body | string | The ID of the project. |
| weight | body | integer | The weight of a member determines the portion of requests or connections it services compared to the other members of the pool. For example, a member with a weight of 10 receives five times as much traffic as a member with a weight of 2. A value of 0 means the member does not participate in load- balancing but still accepts persistent connections. A valid value is from 0 to 256. |
{
"member "
:
{
"admin_state_up "
:
true
,
"weight "
:
1
,
"address "
:
"10.0.1.22 "
,
"project_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
,
"tenant_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
,
"protocol_port "
:
90
,
"id "
:
"cf024846-7516-4e3a-b0fb-6590322c836f "
,
"subnet_id "
:
"5a9a3e9e-d1aa-448e-af37-a70171f2a332 "
}
}
Updates attributes for a pool member.
Upon successful validation of the request, the service returns the
HTTP
OK
(200)
response code.
Note: You cannot update the member ID,
project_id
,
address
,
protocol_port
, and
subnet_id
attributes. If
you attempt to update any of these attributes, the service returns
the HTTP
Immutable
(422)
response code.
Note: You cannot update a member if the attached load balancer does
not have an
ACTIVE
provisioning status.
Normal response codes: 200
Error response codes: 401, 404, 422
| Name | In | Type | Description |
|---|---|---|---|
| pool_id | path | string | The ID for the pool. |
| member_id | path | string | The ID for the member. |
| member | body | object |
A
member
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| weight (Optional) | body | integer | The weight of a member determines the portion of requests or connections it services compared to the other members of the pool. For example, a member with a weight of 10 receives five times as much traffic as a member with a weight of 2. A value of 0 means the member does not participate in load- balancing but still accepts persistent connections. A valid value is from 0 to 256. The default is 1. |
{
"member "
:
{
"weight "
:
5
}
}
| Name | In | Type | Description |
|---|---|---|---|
| member | body | object |
A
member
object.
|
| address | body | string | The IP address of the member. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| id | body | string | The ID of the member. |
| project_id | body | string | The ID of the project. |
| protocol_port | body | integer | The TCP or UDP port on which to listen. |
| subnet_id | body | string | The subnet on which the members of the pool will be located. |
| tenant_id | body | string | The ID of the project. |
| weight | body | integer | The weight of a member determines the portion of requests or connections it services compared to the other members of the pool. For example, a member with a weight of 10 receives five times as much traffic as a member with a weight of 2. A value of 0 means the member does not participate in load- balancing but still accepts persistent connections. A valid value is from 0 to 256. |
{
"member "
:
{
"admin_state_up "
:
true
,
"weight "
:
5
,
"address "
:
"10.0.1.22 "
,
"project_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
,
"tenant_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
,
"protocol_port "
:
90
,
"id "
:
"cf024846-7516-4e3a-b0fb-6590322c836f "
,
"subnet_id "
:
"5a9a3e9e-d1aa-448e-af37-a70171f2a332 "
}
}
Removes a member from a pool and its associated configuration from the project.
The API immediately purges any and all configuration data. You cannot recover it.
You cannot delete a member if the attached load balancer does not
have an
ACTIVE
provisioning status.
Example: Remove a member from a pool
Normal response codes: 204
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| pool_id | path | string | The ID for the pool. |
| member_id | path | string | The ID for the member. |
There is no body content for the response of a successful DELETE request.
Lists health monitors.
This operation lists all health monitors that are associated with your project.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
This operation returns a list, which might be empty.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| healthmonitors | body | array |
A list of
healthmonitor
objects.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| delay | body | integer | The time, in seconds, between sending probes to members. |
| expected_codes | body | string |
The list of HTTP status codes expected in response from the member to declare it healthy. Specify one of the following values:
The default is 200. |
| http_method | body | string | The HTTP method that the monitor uses for requests. |
| id (Optional) | body | string | The UUID of the health monitor. |
| max_retries | body | integer |
The number of allowed connection failures before
changing the status of the member to
INACTIVE
. A valid value
is from 1 to 10.
|
| name | body | string | Human-readable name of the resource. |
| pools | body | array | List of pools that are associated with the health monitor. |
| project_id | body | string | The ID of the project. |
| tenant_id | body | string | The ID of the project. |
| timeout | body | integer | The maximum time, in seconds, that a monitor waits to connect before it times out. This value must be less than the delay value. |
| type | body | string |
The type of probe sent by the load balancer to
verify the member state. A valid value is
PING
,
TCP
,
HTTP
, or
HTTPS
.
|
| url_path | body | string |
The HTTP path of the request sent by the monitor
to test the health of a member. Must be a string that begins with
a forward slash (
/
). The default is
/
.
|
{
"healthmonitors "
:
[
{
"admin_state_up "
:
true
,
"project_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
,
"tenant_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
,
"delay "
:
1
,
"expected_codes "
:
"200,201,202 "
,
"max_retries "
:
5
,
"name "
:
"healthmonitor1 "
,
"http_method "
:
"GET "
,
"timeout "
:
1
,
"pools "
:
[
{
"id "
:
"5a9a3e9e-d1aa-448e-af37-a70171f2a332 "
}
],
"url_path "
:
"/index.html "
,
"type "
:
"HTTP "
,
"id "
:
"b7633ade-24dc-4d72-8475-06aa22be5412 "
}
]
}
Creates a health monitor.
This operation provisions a health monitor by using the configuration that you define in the request object. After the API validates the request and start the provisioning process, it returns a response object. The object contains a unique identifier.
At a minimum, you must specify these health monitor attributes:
project_id
. Admin only. Required to create a health monitor for
another project.
type
. The type of health monitor. A valid value is
TCP
,
HTTP
, or
HTTPS
.
delay
. The interval, in seconds, between health checks.
timeout
. The time, in seconds, after which a health check
times out.
max_retries
. Number of failed health checks before marked as
OFFLINE.
pool_id
. The pool to monitor.
Some attributes receive default values if you omit them from the request, and are only useful when you specify a health monitor type of HTTP(S):
http_method
. Default is
GET
.
url_path
. Default is
/
.
expected_codes
. The expected HTTP status codes to get from a
successful health check. Default is
200
.
admin_state_up
. Default is
true
.
If the API cannot fulfill the request due to insufficient data or
data that is not valid, it returns the
Bad
Request
(400)
response code with information about the nature of the failure in
the response body. Failures in the validation process are non-
recoverable and require that you correct the cause of the failure
and submit the request again.
You can configure all documented features of the health monitor at creation time by specifying the additional elements or attributes in the request.
Administrative users can specify a project ID that is different than their own to create health monitors for other projects.
To update a health monitor, the load balancer to which to attach
must have an
ACTIVE
provisioning status.
Normal response codes: 201
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| healthmonitor | body | object |
A
healthmonitor
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| delay | body | integer | The time, in seconds, between sending probes to members. |
| expected_codes (Optional) | body | string |
The list of HTTP status codes expected in response from the member to declare it healthy. Specify one of the following values:
The default is 200. |
| http_method | body | string | The HTTP method that the monitor uses for requests. |
| max_retries | body | integer |
The number of allowed connection failures before
changing the status of the member to
INACTIVE
. A valid value
is from 1 to 10.
|
| name | body | string | Human-readable name of the resource. |
| pool_id | path | string | The ID for the pool. |
| project_id | body | string | The ID of the project. |
| tenant_id | body | string | The ID of the project. |
| timeout | body | integer | The maximum time, in seconds, that a monitor waits to connect before it times out. This value must be less than the delay value. |
| type | body | string |
The type of probe sent by the load balancer to
verify the member state. A valid value is
PING
,
TCP
,
HTTP
, or
HTTPS
.
|
| url_path (Optional) | body | string |
The HTTP path of the request sent by the monitor
to test the health of a member. A valid value is a string that
begins with a forward slash (
/
).
|
{
"healthmonitor "
:
{
"pool_id "
:
"74aa2010-a59f-4d35-a436-60a6da882819 "
,
"admin_state_up "
:
true
,
"delay "
:
1
,
"expected_codes "
:
"200,201,202 "
,
"http_method "
:
"GET "
,
"max_retries "
:
5
,
"timeout "
:
1
,
"type "
:
"HTTP "
,
"url_path "
:
"/index.html "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| healthmonitor | body | object |
A
healthmonitor
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| delay | body | integer | The time, in seconds, between sending probes to members. |
| expected_codes | body | string |
The list of HTTP status codes expected in response from the member to declare it healthy. Specify one of the following values:
The default is 200. |
| http_method | body | string | The HTTP method that the monitor uses for requests. |
| id (Optional) | body | string | The UUID of the health monitor. |
| max_retries | body | integer |
The number of allowed connection failures before
changing the status of the member to
INACTIVE
. A valid value
is from 1 to 10.
|
| name | body | string | Human-readable name of the resource. |
| pools | body | array | List of pools that are associated with the health monitor. |
| project_id | body | string | The ID of the project. |
| tenant_id | body | string | The ID of the project. |
| timeout | body | integer | The maximum time, in seconds, that a monitor waits to connect before it times out. This value must be less than the delay value. |
| type | body | string |
The type of probe sent by the load balancer to
verify the member state. A valid value is
PING
,
TCP
,
HTTP
, or
HTTPS
.
|
| url_path | body | string |
The HTTP path of the request sent by the monitor
to test the health of a member. Must be a string that begins with
a forward slash (
/
). The default is
/
.
|
{
"healthmonitor "
:
{
"admin_state_up "
:
true
,
"project_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
,
"tenant_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
,
"delay "
:
1
,
"expected_codes "
:
"200,201,202 "
,
"max_retries "
:
5
,
"name "
:
"healthmonitor1 "
,
"http_method "
:
"GET "
,
"timeout "
:
1
,
"pools "
:
[
{
"id "
:
"5a9a3e9e-d1aa-448e-af37-a70171f2a332 "
}
],
"url_path "
:
"/index.html "
,
"type "
:
"HTTP "
,
"id "
:
"b7633ade-24dc-4d72-8475-06aa22be5412 "
}
}
Shows details for a health monitor.
This operation returns a health monitor object, by health monitor
ID. If you are not an administrative user and the health monitor
object does not belong to your project, the service returns
the HTTP
Forbidden
(403)
response code.
Example: Show health monitor details
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| healthmonitor_id | path | string | The ID for the health monitor. |
| Name | In | Type | Description |
|---|---|---|---|
| healthmonitor | body | object |
A
healthmonitor
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| delay | body | integer | The time, in seconds, between sending probes to members. |
| expected_codes | body | string |
The list of HTTP status codes expected in response from the member to declare it healthy. Specify one of the following values:
The default is 200. |
| http_method | body | string | The HTTP method that the monitor uses for requests. |
| max_retries | body | integer |
The number of allowed connection failures before
changing the status of the member to
INACTIVE
. A valid value
is from 1 to 10.
|
| name | body | string | Human-readable name of the resource. |
| id (Optional) | body | string | The UUID of the health monitor. |
| pools | body | array | List of pools that are associated with the health monitor. |
| project_id | body | string | The ID of the project. |
| tenant_id | body | string | The ID of the project. |
| timeout | body | integer | The maximum time, in seconds, that a monitor waits to connect before it times out. This value must be less than the delay value. |
| type | body | string |
The type of probe sent by the load balancer to
verify the member state. A valid value is
PING
,
TCP
,
HTTP
, or
HTTPS
.
|
| url_path | body | string |
The HTTP path of the request sent by the monitor
to test the health of a member. Must be a string that begins with
a forward slash (
/
). The default is
/
.
|
{
"healthmonitor "
:
{
"admin_state_up "
:
true
,
"project_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
,
"tenant_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
,
"delay "
:
1
,
"expected_codes "
:
"200,201,202 "
,
"max_retries "
:
5
,
"name "
:
"healthmonitor1 "
,
"http_method "
:
"GET "
,
"timeout "
:
1
,
"pools "
:
[
{
"id "
:
"5a9a3e9e-d1aa-448e-af37-a70171f2a332 "
}
],
"url_path "
:
"/index.html "
,
"type "
:
"HTTP "
,
"id "
:
"b7633ade-24dc-4d72-8475-06aa22be5412 "
}
}
Updates a health monitor.
Upon successful validation of the request, the service returns the
HTTP
Accepted
(202)
response code.
Note: The health monitor ID,
project_id
,
pool_id
, and type
are immutable attributes and cannot be updated. If you specify an
unsupported attribute, the service returns the HTTP
Immutable
(422)
response code.
Normal response codes: 202
Error response codes: 401, 404, 422
| Name | In | Type | Description |
|---|---|---|---|
| healthmonitor_id | path | string | The ID for the health monitor. |
| healthmonitor | body | object |
A
healthmonitor
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| delay | body | integer | The time, in seconds, between sending probes to members. |
| expected_codes (Optional) | body | string |
The list of HTTP status codes expected in response from the member to declare it healthy. Specify one of the following values:
The default is 200. |
| http_method | body | string | The HTTP method that the monitor uses for requests. |
| max_retries | body | integer |
The number of allowed connection failures before
changing the status of the member to
INACTIVE
. A valid value
is from 1 to 10.
|
| name | body | string | Human-readable name of the resource. |
| timeout | body | integer | The maximum time, in seconds, that a monitor waits to connect before it times out. This value must be less than the delay value. |
| url_path (Optional) | body | string |
The HTTP path of the request sent by the monitor
to test the health of a member. A valid value is a string that
begins with a forward slash (
/
).
|
{
"healthmonitor "
:
{
"admin_state_up "
:
false
,
"delay "
:
2
,
"expected_codes "
:
"200 "
,
"http_method "
:
"POST "
,
"max_retries "
:
2
,
"name "
:
"healthmonitor1 "
,
"timeout "
:
2
,
"url_path "
:
"/page.html "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| healthmonitor | body | object |
A
healthmonitor
object.
|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| delay | body | integer | The time, in seconds, between sending probes to members. |
| expected_codes | body | string |
The list of HTTP status codes expected in response from the member to declare it healthy. Specify one of the following values:
The default is 200. |
| http_method | body | string | The HTTP method that the monitor uses for requests. |
| max_retries | body | integer |
The number of allowed connection failures before
changing the status of the member to
INACTIVE
. A valid value
is from 1 to 10.
|
| name | body | string | Human-readable name of the resource. |
| id (Optional) | body | string | The UUID of the health monitor. |
| pools | body | array | List of pools that are associated with the health monitor. |
| project_id | body | string | The ID of the project. |
| tenant_id | body | string | The ID of the project. |
| timeout | body | integer | The maximum time, in seconds, that a monitor waits to connect before it times out. This value must be less than the delay value. |
| type | body | string |
The type of probe sent by the load balancer to
verify the member state. A valid value is
PING
,
TCP
,
HTTP
, or
HTTPS
.
|
| url_path | body | string |
The HTTP path of the request sent by the monitor
to test the health of a member. Must be a string that begins with
a forward slash (
/
). The default is
/
.
|
{
"healthmonitor "
:
{
"admin_state_up "
:
false
,
"project_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
,
"tenant_id "
:
"eabfefa3fd1740a88a47ad98e132d238 "
,
"delay "
:
2
,
"expected_codes "
:
"200 "
,
"max_retries "
:
2
,
"name "
:
"healthmonitor1 "
,
"http_method "
:
"POST "
,
"timeout "
:
2
,
"pools "
:
[
{
"id "
:
"5a9a3e9e-d1aa-448e-af37-a70171f2a332 "
}
],
"url_path "
:
"/page.html "
,
"type "
:
"HTTP "
,
"id "
:
"b7633ade-24dc-4d72-8475-06aa22be5412 "
}
}
Removes a health monitor and its associated configuration from the project.
The API immediately purges any and all configuration data. You cannot recover it.
You cannot delete a health monitor if the attached load balancer
does not have an
ACTIVE
provisioning status.
Example: Delete a health monitor
Normal response codes: 204
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| healthmonitor_id | path | string | The ID for the health monitor. |
There is no body content for the response of a successful DELETE request.
Note
Currently this extension
logging-resource
is only available for networking-midonet.
Lists, shows information for, creates, updates and deletes logging resources.
Lists logging resources.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| logging_resources | body | array |
A list of
logging_resource
objects.
|
| id | body | string | The ID of the logging resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| firewall_logs | body | array |
A list of
firewall_log
objects.
|
| name | body | string | Human-readable name of the resource. |
| description | body | string | A human-readable description for the resource. |
| enabled | body | boolean | Indicates whether this logging resource is enabled or disabled. |
{
"logging_resources "
:
[
{
"description "
:
"my log "
,
"enabled "
:
true
,
"firewall_logs "
:
[],
"id "
:
"13b64f3c-20af-4741-b230-658ab7d5b257 "
,
"name "
:
"log "
,
"project_id "
:
"8d018258316e4f22890561e8780c85bb "
,
"tenant_id "
:
"8d018258316e4f22890561e8780c85bb "
},
{
"description "
:
"my log2 "
,
"enabled "
:
true
,
"firewall_logs "
:
[],
"id "
:
"335c7b7d-c4a9-423a-9c24-9f4982f31e24 "
,
"name "
:
"log2 "
,
"project_id "
:
"8d018258316e4f22890561e8780c85bb "
,
"tenant_id "
:
"8d018258316e4f22890561e8780c85bb "
}
]
}
Creates a logging resource.
Normal response codes: 200
Error response codes: 400, 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| logging_resource | body | object |
A
logging_resource
object.
|
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| enabled (Optional) | body | boolean | Indicates whether this logging resource is enabled or disabled. Default is false. |
{
"logging_resource "
:
{
"description "
:
"my log "
,
"enabled "
:
true
,
"name "
:
"log "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| logging_resource | body | object |
A
logging_resource
object.
|
| id | body | string | The ID of the logging resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| firewall_logs | body | array |
A list of
firewall_log
objects.
|
| name | body | string | Human-readable name of the resource. |
| description | body | string | A human-readable description for the resource. |
| enabled | body | boolean | Indicates whether this logging resource is enabled or disabled. |
{
"logging_resource "
:
{
"description "
:
"my log "
,
"enabled "
:
true
,
"firewall_logs "
:
[],
"id "
:
"13b64f3c-20af-4741-b230-658ab7d5b257 "
,
"name "
:
"log "
,
"project_id "
:
"8d018258316e4f22890561e8780c85bb "
,
"tenant_id "
:
"8d018258316e4f22890561e8780c85bb "
}
}
Shows details for a logging resource.
Use the
fields
query parameter to control which fields are
returned in the response body. For information, see Filtering and
Column Selection
.
Normal response codes: 200
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| logging_resource_id | path | string | The ID of the logging resource. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| logging_resource | body | object |
A
logging_resource
object.
|
| id | body | string | The ID of the logging resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| firewall_logs | body | array |
A list of
firewall_log
objects.
|
| name | body | string | Human-readable name of the resource. |
| description | body | string | A human-readable description for the resource. |
| enabled | body | boolean | Indicates whether this logging resource is enabled or disabled. |
{
"logging_resource "
:
{
"description "
:
"my log "
,
"enabled "
:
true
,
"firewall_logs "
:
[
{
"description "
:
""
,
"firewall_id "
:
"682cfe44-5fcf-4c16-982e-1176493f6825 "
,
"fw_event "
:
"ALL "
,
"id "
:
"1ee6fea7-c294-418e-9b97-06db48e3f3d5 "
,
"logging_resource_id "
:
"13b64f3c-20af-4741-b230-658ab7d5b257 "
,
"project_id "
:
"8d018258316e4f22890561e8780c85bb "
,
"tenant_id "
:
"8d018258316e4f22890561e8780c85bb "
}
],
"id "
:
"13b64f3c-20af-4741-b230-658ab7d5b257 "
,
"name "
:
"log "
,
"project_id "
:
"8d018258316e4f22890561e8780c85bb "
,
"tenant_id "
:
"8d018258316e4f22890561e8780c85bb "
}
}
Updates a logging resource.
Normal response codes: 200
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| logging_resource_id | path | string | The ID of the logging resource. |
| logging_resource | body | object |
A
logging_resource
object.
|
| name (Optional) | body | string | Human-readable name of the resource. |
| description (Optional) | body | string | A human-readable description for the resource. |
| enabled (Optional) | body | boolean | Indicates whether this logging resource is enabled or disabled. |
{
"logging_resource "
:
{
"description "
:
"my log2 "
,
"enabled "
:
false
}
}
| Name | In | Type | Description |
|---|---|---|---|
| logging_resource | body | object |
A
logging_resource
object.
|
| id | body | string | The ID of the logging resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| firewall_logs | body | array |
A list of
firewall_log
objects.
|
| name | body | string | Human-readable name of the resource. |
| description | body | string | A human-readable description for the resource. |
| enabled | body | boolean | Indicates whether this logging resource is enabled or disabled. |
{
"logging_resource "
:
{
"description "
:
"my log2 "
,
"enabled "
:
false
,
"firewall_logs "
:
[
{
"description "
:
""
,
"firewall_id "
:
"682cfe44-5fcf-4c16-982e-1176493f6825 "
,
"fw_event "
:
"ALL "
,
"id "
:
"1ee6fea7-c294-418e-9b97-06db48e3f3d5 "
,
"logging_resource_id "
:
"335c7b7d-c4a9-423a-9c24-9f4982f31e24 "
,
"project_id "
:
"8d018258316e4f22890561e8780c85bb "
,
"tenant_id "
:
"8d018258316e4f22890561e8780c85bb "
}
],
"id "
:
"335c7b7d-c4a9-423a-9c24-9f4982f31e24 "
,
"name "
:
"log2 "
,
"project_id "
:
"8d018258316e4f22890561e8780c85bb "
,
"tenant_id "
:
"8d018258316e4f22890561e8780c85bb "
}
}
Note
Currently this extension
logging-resource
is only available for networking-midonet.
Lists, shows information for, creates, updates and deletes firewall logs.
Lists firewall logs.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| logging_resource_id | path | string | The ID of the logging resource. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| firewall_logs | body | array |
A list of
firewall_log
objects.
|
| logging_resource_id | body | string | The ID of the logging resource. |
| id | body | string | The ID of the firewall log resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| description | body | string | A human-readable description for the resource. |
| fw_event | body | string |
Type of firewall events to log.
ACCEPT
,
DROP
, or
ALL
.
|
| firewall_id | body | string | The ID of the FWaaS v1 firewall. |
{
"firewall_logs "
:
[
{
"description "
:
"my firewall log 2 "
,
"firewall_id "
:
"a6564146-f8b3-49c3-add1-fb213455d5a8 "
,
"fw_event "
:
"ACCEPT "
,
"id "
:
"3969b708-d600-4343-93b9-01645f8e9a8a "
,
"logging_resource_id "
:
"13b64f3c-20af-4741-b230-658ab7d5b257 "
,
"project_id "
:
"8d018258316e4f22890561e8780c85bb "
,
"tenant_id "
:
"8d018258316e4f22890561e8780c85bb "
},
{
"description "
:
"my firewall log "
,
"firewall_id "
:
"a6564146-f8b3-49c3-add1-fb213455d5a8 "
,
"fw_event "
:
"DROP "
,
"id "
:
"deb19331-e5d5-4a80-a37f-5e5ad407b353 "
,
"logging_resource_id "
:
"13b64f3c-20af-4741-b230-658ab7d5b257 "
,
"project_id "
:
"8d018258316e4f22890561e8780c85bb "
,
"tenant_id "
:
"8d018258316e4f22890561e8780c85bb "
}
]
}
Creates a firewall log.
Normal response codes: 200
Error response codes: 400, 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| logging_resource_id | path | string | The ID of the logging resource. |
| firewall_log | body | object |
A
firewall_log
object.
|
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| fw_event (Optional) | body | string |
Type of firewall events to log.
ACCEPT
,
DROP
, or
ALL
.
Default is
ALL
.
|
| firewall_id | body | string | The ID of the FWaaS v1 firewall. |
{
"firewall_log "
:
{
"description "
:
"my firewall log "
,
"firewall_id "
:
"a6564146-f8b3-49c3-add1-fb213455d5a8 "
,
"fw_event "
:
"DROP "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| firewall_log | body | object |
A
firewall_log
object.
|
| logging_resource_id | body | string | The ID of the logging resource. |
| id | body | string | The ID of the firewall log resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| description | body | string | A human-readable description for the resource. |
| fw_event | body | string |
Type of firewall events to log.
ACCEPT
,
DROP
, or
ALL
.
|
| firewall_id | body | string | The ID of the FWaaS v1 firewall. |
{
"firewall_log "
:
{
"description "
:
"my firewall log "
,
"firewall_id "
:
"a6564146-f8b3-49c3-add1-fb213455d5a8 "
,
"fw_event "
:
"DROP "
,
"id "
:
"deb19331-e5d5-4a80-a37f-5e5ad407b353 "
,
"logging_resource_id "
:
"13b64f3c-20af-4741-b230-658ab7d5b257 "
,
"project_id "
:
"8d018258316e4f22890561e8780c85bb "
,
"tenant_id "
:
"8d018258316e4f22890561e8780c85bb "
}
}
Shows details for a firewall log.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| logging_resource_id | path | string | The ID of the logging resource. |
| firewall_log_id | path | string | The ID of the firewall log resource. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| firewall_log | body | object |
A
firewall_log
object.
|
| logging_resource_id | body | string | The ID of the logging resource. |
| id | body | string | The ID of the firewall log resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| description | body | string | A human-readable description for the resource. |
| fw_event | body | string |
Type of firewall events to log.
ACCEPT
,
DROP
, or
ALL
.
|
| firewall_id | body | string | The ID of the FWaaS v1 firewall. |
{
"firewall_log "
:
{
"description "
:
"my firewall log 3 "
,
"firewall_id "
:
"a6564146-f8b3-49c3-add1-fb213455d5a8 "
,
"fw_event "
:
"ALL "
,
"id "
:
"3969b708-d600-4343-93b9-01645f8e9a8a "
,
"logging_resource_id "
:
"13b64f3c-20af-4741-b230-658ab7d5b257 "
,
"project_id "
:
"8d018258316e4f22890561e8780c85bb "
,
"tenant_id "
:
"8d018258316e4f22890561e8780c85bb "
}
}
Updates a firewall log.
Normal response codes: 200
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| logging_resource_id | path | string | The ID of the logging resource. |
| firewall_log_id | path | string | The ID of the firewall log resource. |
| firewall_log | body | object |
A
firewall_log
object.
|
| description (Optional) | body | string | A human-readable description for the resource. |
| fw_event (Optional) | body | string |
Type of firewall events to log.
ACCEPT
,
DROP
, or
ALL
.
|
{
"firewall_log "
:
{
"description "
:
"my firewall log 3 "
,
"fw_event "
:
"ALL "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| firewall_log | body | object |
A
firewall_log
object.
|
| logging_resource_id | body | string | The ID of the logging resource. |
| id | body | string | The ID of the firewall log resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| description | body | string | A human-readable description for the resource. |
| fw_event | body | string |
Type of firewall events to log.
ACCEPT
,
DROP
, or
ALL
.
|
| firewall_id | body | string | The ID of the FWaaS v1 firewall. |
{
"firewall_log "
:
{
"description "
:
"my firewall log 3 "
,
"firewall_id "
:
"a6564146-f8b3-49c3-add1-fb213455d5a8 "
,
"fw_event "
:
"ALL "
,
"id "
:
"3969b708-d600-4343-93b9-01645f8e9a8a "
,
"logging_resource_id "
:
"13b64f3c-20af-4741-b230-658ab7d5b257 "
,
"project_id "
:
"8d018258316e4f22890561e8780c85bb "
,
"tenant_id "
:
"8d018258316e4f22890561e8780c85bb "
}
}
Deletes a firewall log.
Normal response codes: 202
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| logging_resource_id | path | string | The ID of the logging resource. |
| firewall_log_id | path | string | The ID of the firewall log resource. |
There is no body content for the response of a successful DELETE request.
Note
Currently this extension
router-interface-fip
is only available for networking-midonet.
This extension
router-interface-fip
indicates the ability to
associate floating IPs to internal interfaces of a router.
(Without this extension, floating IPs can be associated only to
the gateway interface of a router.)
This extension does not introduce any resources or attributes.
Note
Currently this extension
fip64
is only available for networking-midonet.
This extension
fip64
provides
NAT64
functionality by allowing to associate IPv6 floating IPs to IPv4 fixed IPs.
(Without this extension, floating IPs are limited to IPv4.)
This extension does not introduce any resources or attributes.
The
bgpvpn
extension implements the BGP VPN Interconnection API
which provides the ability to associate OpenStack networks and/or
routers with Multiprotocol Label Switching (MPLS) Virtual Private
Networks (VPNs) via Border Gateway Protocol (BGP) peering. BGP-MPLS VPNs
are commonly provided by telecommunications service providers to
customers in addition to or instead of Internet connectivity for Wide
Area Networking. This API enables the interconnection with these
WAN VPNs using Route Targets
to indicate the desired network(s).
route_targets
,
import_targets
,
export_targets
attributes
route_targets
and
import_targets
.
route_targets
and
export_targets
.
At least one of
route_targets
,
import_targets
or
export_targets
options will
typically be defined, but the API will not enforce that and all lists can be
empty.
For instance, in the very typical use case where the BGP VPN uses a single Route Target for both import and export, the route_targets parameter alone is enough and will contain one Route target.
The
route_distinguishers
parameter is optional and provides an
indication of the RDs that shall be used for routes announced for
Neutron networks. The contract is that when a list of RDs is specified,
the backend will use, for a said advertisement of a route, one of these
RDs. The motivation for having a list rather than only one RD is to
allow the support for multihoming a VPN prefix (typically for
resiliency, load balancing or anycast). A backend may or may not
support this behavior, and should report an API error in the latter
case. When not specified, the backend will use automatically-assigned
RDs (for instance <ip >:<number >RDs derived from the Provider Edge (PE) IP).
Valid strings for a Route Target or a Route Distinguisher are the following:
VXLAN is one option among others that could be used for BGP E-VPNs. When VXLAN is used on a hardware platform the use of a locally-assigned id may not be always possible which introduces the need to configure a globally-assigned VXLAN VNI.
The optional
vni
attribute is an admin-only parameter and allows the
admin to enforce the use of a chosen globally-assigned VXLAN VNI for the
said BGPVPN.
The default when no VNI is specified and the VXLAN encapsulation is used, is to let the backend choose the VNI in advertised routes, and use the VNI in received routes for transmitted traffic. The backend will conform to E-VPN overlay specs.
Valid range for the
vni
attribute is [1, 224
-1].
With the
bgpvpn
extension, when associations between networks or routers
and BGVPNs are defined, the routes corresponding to fixed IPs of neutron ports
will be advertised to BGPVPNs. For router associations, extra routes of the
router (‘routes’ attribute of a
router
resource) may also be advertised
to BGPVPNs.
To provide more flexibility, the
bgpvpn-routes-control
extension provides
a way to:
advertise other routes to a BGPVPN, for instances a prefix that is reachable
via a neutron port, or routes leaked from another BGPVPN; this is implemented
thanks to the
routes
attribute of a BGPVPN port association
not advertise the fixed IPs of a neutron port to a BGPVPN, which can be
particularly relevant when other IP prefixes are reachable via the port; this
is implemented thanks to the
advertise_fixed_ips
attribute of a BGPVPN
port association
explicitly control whether extra routes of a router are to be advertised
to a BGPVPN; this is implemented thanks to the
advertise_extra_routes
attribute of a BGPVPN router association.
Note
This feature is under development for the Rocky release
optionally control the value of the LOCAL_PREF BGP attribute of advertised
routes, for all routes of a BGPVPN (thanks to the
local_pref
attribute
of a BGPVPN resource) and/or per route (thanks to the
local_pref
in a port association route)
A given BGP VPN can be associated to multiple networks and/or multiple routers.
To avoid any ambiguity on semantics in particular the context of processing associated to a router (e.g. NAT or FWaaS), if a given subnet in a network is bound to a router, this API does not allow to both associate the network to an L3 BGP VPN and the router to the same or to a distinct L3 BGP VPN.
Moreover, for BGP VPNs of type L3, there are possible cases of IP prefix overlaps that can’t be detected by the service plugin before BGP routes are received, for which the behavior is left undefined by these specifications (i.e. which of the overlapping routes is being used) and will depend on the backend. This applies for both router associations and network associations in the case where traffic is forwarded by a router and the destination IP belongs both to a prefix of a BGP VPN associated with the router or with the network originating the traffic, and to a prefix of a subnet bound to the router; in such a case whether the traffic will be delivered to the subnet or to the BGP VPN is not defined by this API.
Creating two BGP VPNs with RTs resulting in both VPNs to exchange routes, and then associating these two BGP VPNs to two networks, will result in establishing interconnectivity between these two networks, this simply being the result of applying BGP VPN Route Target semantics (i.e. without making prefixes to OpenStack networks a particular case).
This similarly applies to router associations.
A new BGPVPN resource is introduced. It contains a set of parameters for a BGP-based VPN.
A BGPVPN is created by the admin and given to a tenant who can then associate
it to Networks, Routers or Ports (the latter when the
bgpvpn-routes-control
extension is available).
The BGP VPNs API lists, shows details for, creates, updates, and deletes BGP VPNs.
Lists BGP VPNs to which the project has access.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 400, 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpns | body | array |
A list of
bgpvpn
objects. Each
bgpvpn
object represents an
MPLS network with which Neutron routers and/or networks may be associated
|
| id | body | string | The ID of the BGP VPN. |
| name | body | string | The user meaningful name of the BGP VPN. |
| type | body | string |
Selection of the type of VPN and the technology behind it. Allowed
values are
l2
or
l3
. The default is l3.
l2
indicates a Layer
2 (i.e. bridged) attachment and
l3
indicates a Layer 3 (i.e.
routed) attachment.
|
| route_distinguishers | body | array | List of route distinguisher strings. If this parameter is specified, one of these RDs will be used to advertise VPN routes. |
| route_targets | body | array | Route Targets that will be both imported and used for export. |
| import_targets | body | array | Additional Route Targets that will be imported. |
| export_targets | body | array | Additional Route Targets that will be used for export. |
| networks | body | array | This read-only list of network IDs reflects the associations defined by Network association API resources. |
| routers | body | array | This read-only list of router IDs reflects the associations defined by Router association API resources. |
| ports | body | array |
This read-only list of port IDs reflects the associations defined by Port
association API resources (only present if the
bgpvpn-routes-control
API extension is enabled).
|
| local_pref | body | integer | The default BGP LOCAL_PREF of routes that will be advertised to the BGPVPN (unless overridden per-route). |
| vni | body | integer |
The globally-assigned VXLAN
vni
for the BGP VPN.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
{
"bgpvpns "
:
[
{
"export_targets "
:
[
"64512:1666 "
],
"name "
:
""
,
"routers "
:
[],
"route_distinguishers "
:
[
"64512:1777 "
,
"64512:1888 "
,
"64512:1999 "
],
"tenant_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"project_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"import_targets "
:
[
"64512:1555 "
],
"route_targets "
:
[
"64512:1444 "
],
"type "
:
"l3 "
,
"id "
:
"0f9d472a-908f-40f5-8574-b4e8a63ccbf0 "
,
"networks "
:
[],
"local_pref "
:
null
,
"vni "
:
1000
}
]
}
Creates a BGP VPN.
Normal response codes: 201
Error response codes: 400, 401
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn | body | object |
A
bgpvpn
object represents an MPLS network with which Neutron routers
and/or networks may be associated
|
| name (Optional) | body | string | The user meaningful name of the BGP VPN. |
| route_distinguishers (Optional) | body | array | List of route distinguisher strings. If this parameter is specified, one of these RDs will be used to advertise VPN routes. |
| route_targets (Optional) | body | array | Route Targets that will be both imported and used for export. |
| import_targets (Optional) | body | array | Additional Route Targets that will be imported. |
| export_targets (Optional) | body | array | Additional Route Targets that will be used for export. |
| local_pref (Optional) | body | integer |
The default BGP LOCAL_PREF of routes that will be advertised to the
BGPVPN (unless overridden per-route). Defaults to
null
.
|
| vni (Optional) | body | integer |
The globally-assigned VXLAN
vni
for the BGP VPN.
|
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| type (Optional) | body | string |
Selection of the type of VPN and the technology behind it. Allowed
values are
l2
or
l3
. The default is l3.
l2
indicates a Layer
2 (i.e. bridged) attachment and
l3
indicates a Layer 3 (i.e.
routed) attachment.
|
{
"bgpvpn "
:
{
"tenant_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"route_targets "
:
"64512:1444 "
,
"import_targets "
:
"64512:1555 "
,
"export_targets "
:
"64512:1666 "
,
"route_distinguishers "
:
[
"64512:1777 "
,
"64512:1888 "
,
"64512:1999 "
],
"type "
:
"l3 "
,
"vni "
:
1000
}
}
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn | body | object |
A
bgpvpn
object represents an MPLS network with which Neutron routers
and/or networks may be associated
|
| id | body | string | The ID of the BGP VPN. |
| name | body | string | The user meaningful name of the BGP VPN. |
| type | body | string |
Selection of the type of VPN and the technology behind it. Allowed
values are
l2
or
l3
. The default is l3.
l2
indicates a Layer
2 (i.e. bridged) attachment and
l3
indicates a Layer 3 (i.e.
routed) attachment.
|
| route_targets | body | array | Route Targets that will be both imported and used for export. |
| import_targets | body | array | Additional Route Targets that will be imported. |
| export_targets | body | array | Additional Route Targets that will be used for export. |
| networks | body | array | This read-only list of network IDs reflects the associations defined by Network association API resources. |
| routers | body | array | This read-only list of router IDs reflects the associations defined by Router association API resources. |
| ports | body | array |
This read-only list of port IDs reflects the associations defined by Port
association API resources (only present if the
bgpvpn-routes-control
API extension is enabled).
|
| local_pref | body | integer | The default BGP LOCAL_PREF of routes that will be advertised to the BGPVPN (unless overridden per-route). |
| vni | body | integer |
The globally-assigned VXLAN
vni
for the BGP VPN.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
{
"bgpvpn "
:
{
"export_targets "
:
[
"64512:1666 "
],
"name "
:
""
,
"routers "
:
[],
"route_distinguishers "
:
[
"64512:1777 "
,
"64512:1888 "
,
"64512:1999 "
],
"tenant_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"project_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"import_targets "
:
[
"64512:1555 "
],
"route_targets "
:
[
"64512:1444 "
],
"type "
:
"l3 "
,
"id "
:
"0f9d472a-908f-40f5-8574-b4e8a63ccbf0 "
,
"networks "
:
[],
"local_pref "
:
null
,
"vni "
:
1000
}
}
Shows details for a BGP VPN.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn_id | path | string | The ID of the BGP VPN. |
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn | body | object |
A
bgpvpn
object represents an MPLS network with which Neutron routers
and/or networks may be associated
|
| id | body | string | The ID of the BGP VPN. |
| name | body | string | The user meaningful name of the BGP VPN. |
| type | body | string |
Selection of the type of VPN and the technology behind it. Allowed
values are
l2
or
l3
. The default is l3.
l2
indicates a Layer
2 (i.e. bridged) attachment and
l3
indicates a Layer 3 (i.e.
routed) attachment.
|
| route_distinguishers | body | array | List of route distinguisher strings. If this parameter is specified, one of these RDs will be used to advertise VPN routes. |
| route_targets | body | array | Route Targets that will be both imported and used for export. |
| import_targets | body | array | Additional Route Targets that will be imported. |
| export_targets | body | array | Additional Route Targets that will be used for export. |
| networks | body | array | This read-only list of network IDs reflects the associations defined by Network association API resources. |
| routers | body | array | This read-only list of router IDs reflects the associations defined by Router association API resources. |
| ports | body | array |
This read-only list of port IDs reflects the associations defined by Port
association API resources (only present if the
bgpvpn-routes-control
API extension is enabled).
|
| local_pref | body | integer | The default BGP LOCAL_PREF of routes that will be advertised to the BGPVPN (unless overridden per-route). |
| vni | body | integer |
The globally-assigned VXLAN
vni
for the BGP VPN.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
{
"bgpvpn "
:
{
"id "
:
"460ac411-3dfb-45bb-8116-ed1a7233d143 "
,
"name "
:
"foo "
,
"route_targets "
:
[
"64512:1444 "
],
"export_targets "
:
[],
"import_targets "
:
[],
"type "
:
"l3 "
,
"tenant_id "
:
"f94ea398564d49dfb0d542f086c68ce7 "
,
"project_id "
:
"f94ea398564d49dfb0d542f086c68ce7 "
,
"routers "
:
[],
"route_distinguishers "
:
[],
"networks "
:
[
"a4f2b8df-cb42-4893-a333-d0b5c36ade17 "
],
"local_pref "
:
null
,
"vni "
:
1000
}
}
Updates a BGP VPN.
Normal response codes: 201
Error response codes: 400, 401, 403, 404
A non-admin user can only update the name parameter. All other updates require admin privileges.
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn_id | path | string | The ID of the BGP VPN. |
| bgpvpn | body | object |
A
bgpvpn
object represents an MPLS network with which Neutron routers
and/or networks may be associated
|
| name (Optional) | body | string | The user meaningful name of the BGP VPN. |
| route_distinguishers (Optional) | body | array | List of route distinguisher strings. If this parameter is specified, one of these RDs will be used to advertise VPN routes. |
| route_targets (Optional) | body | array | Route Targets that will be both imported and used for export. |
| import_targets (Optional) | body | array | Additional Route Targets that will be imported. |
| export_targets (Optional) | body | array | Additional Route Targets that will be used for export. |
| local_pref (Optional) | body | integer |
The default BGP LOCAL_PREF of routes that will be advertised to the
BGPVPN (unless overridden per-route). Defaults to
null
.
|
{
"bgpvpn "
:
{
"name "
:
"foo "
,
"route_targets "
:
[
"64512:1444 "
],
"export_targets "
:
[],
"import_targets "
:
[]
}
}
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn | body | object |
A
bgpvpn
object represents an MPLS network with which Neutron routers
and/or networks may be associated
|
| id | body | string | The ID of the BGP VPN. |
| name | body | string | The user meaningful name of the BGP VPN. |
| type | body | string |
Selection of the type of VPN and the technology behind it. Allowed
values are
l2
or
l3
. The default is l3.
l2
indicates a Layer
2 (i.e. bridged) attachment and
l3
indicates a Layer 3 (i.e.
routed) attachment.
|
| route_distinguishers | body | array | List of route distinguisher strings. If this parameter is specified, one of these RDs will be used to advertise VPN routes. |
| route_targets | body | array | Route Targets that will be both imported and used for export. |
| import_targets | body | array | Additional Route Targets that will be imported. |
| export_targets | body | array | Additional Route Targets that will be used for export. |
| networks | body | array | This read-only list of network IDs reflects the associations defined by Network association API resources. |
| routers | body | array | This read-only list of router IDs reflects the associations defined by Router association API resources. |
| ports | body | array |
This read-only list of port IDs reflects the associations defined by Port
association API resources (only present if the
bgpvpn-routes-control
API extension is enabled).
|
| local_pref | body | integer | The default BGP LOCAL_PREF of routes that will be advertised to the BGPVPN (unless overridden per-route). |
| vni | body | integer |
The globally-assigned VXLAN
vni
for the BGP VPN.
|
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
{
"bgpvpn "
:
{
"export_targets "
:
[],
"name "
:
""
,
"routers "
:
[],
"route_distinguishers "
:
[
"12345:1234 "
],
"tenant_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"import_targets "
:
[],
"route_targets "
:
[
"64512:1444 "
],
"type "
:
"l3 "
,
"id "
:
"4d627abf-06dd-45ab-920b-8e61422bb984 "
,
"networks "
:
[],
"local_pref "
:
null
,
"vni "
:
1000
}
}
Associating a BGPVPN to a Network can be done for both BGPVPN of type L2 and of type L3. For type L3, the semantic is that all Subnets bound to the Network will be interconnected with the BGP VPN (and thus between themselves).
A given Network can be associated with multiple BGPVPNs.
Associating or disassociating a BGPVPN to a Network is done by manipulating a Network association API resource as a sub-resource of the BGPVPN resource:
Lists network associations for a given BGP VPN.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn_id | path | string | The ID of the BGP VPN. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| network_associations | body | object |
A list of
network_association
objects which represent bindings
of MPLS networks to Neutron networks.
|
| id | body | string | The ID of an association between a network and a BGP VPN. |
| network_id | body | string | The ID of a Neutron network with which to associate the BGP VPN. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
{
"network_associations "
:
[
{
"network_id "
:
"8c5d88dc-60ac-4b02-a65a-36b65888ddcd "
,
"tenant_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"project_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"id "
:
"96227c78-6a0c-4d9d-b441-c4b8f6fb6c4a "
},
{
"network_id "
:
"a4f2b8df-cb42-4893-a333-d0b5c36ade17 "
,
"tenant_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"project_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"id "
:
"1b09fd12-c769-4be7-9c26-dececa474acf "
}
]
}
Creates a network association for a given BGP VPN
Normal response codes: 201
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn_id | path | string | The ID of the BGP VPN. |
| network_association | body | object |
A
network_association
object represents the binding of a BGP VPN
to a Neutron network.
|
| network_id | body | string | The ID of a Neutron network with which to associate the BGP VPN. |
{
"network_association "
:
{
"network_id "
:
"8c5d88dc-60ac-4b02-a65a-36b65888ddcd "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| network_association | body | object |
A
network_association
object represents the binding of a BGP VPN
to a Neutron network.
|
| id | body | string | The ID of an association between a network and a BGP VPN. |
| network_id | body | string | The ID of a Neutron network with which to associate the BGP VPN. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
{
"network_association "
:
{
"network_id "
:
"8c5d88dc-60ac-4b02-a65a-36b65888ddcd "
,
"tenant_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"project_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"id "
:
"73238ca1-e05d-4c7a-b4d4-70407b4b8730 "
}
}
Shows details for a network association.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn_id | path | string | The ID of the BGP VPN. |
| network_association_id | path | string | The ID of an association between a network and a BGP VPN. |
| Name | In | Type | Description |
|---|---|---|---|
| network_association | body | object |
A
network_association
object represents the binding of a BGP VPN
to a Neutron network.
|
| id | body | string | The ID of an association between a network and a BGP VPN. |
| network_id | body | string | The ID of a Neutron network with which to associate the BGP VPN. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
{
"network_association "
:
{
"id "
:
"1b09fd12-c769-4be7-9c26-dececa474acf "
,
"network_id "
:
"a4f2b8df-cb42-4893-a333-d0b5c36ade17 "
,
"tenant_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"project_id "
:
"b7549121395844bea941bb92feb3fad9 "
}
}
Deletes a network association.
Normal response codes: 204
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn_id | path | string | The ID of the BGP VPN. |
| network_association_id | path | string | The ID of an association between a network and a BGP VPN. |
There is no body content for the response of a successful DELETE request.
Associating a BGPVPN to a Router can be done only for BGPVPN of type L3. The semantic is that all Subnets bound to the Router will be interconnected with the BGPVPN.
A said Router can be associated with multiple BGPVPNs.
Associating or disassociating a BGPVPN to a Router is done by manipulating a Router association API resource as a sub-resource of the BGPVPN resource:
The
bgpvpn-routes-control
API extension allows to control the
re-advertisement of a router extra routes in a BGPVPN (“extra routes” are
routes defined in the
routes
attribute of a router when the
extraroute
extension is available).
The
advertise_extra_routes
attribute can in this case be set on a
router_association:
true
: the extra routes defined in the
routes
attribute of
the router will be advertised to the BGPVPN (default value)
false
: the extra routes defined in the
routes
attribute of
the router will not
be advertised to the BGPVPN
Lists router associations for a given BGP VPN.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn_id | path | string | The ID of the BGP VPN. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| router_associations | body | object |
A list of
router_association
objects which represent bindings
of MPLS networks to Neutron routers.
|
| id | body | string | The ID of an association between a router and a BGP VPN. |
| router_id | body | string | The ID of a Neutron router with which to associate the BGP VPN. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
{
"router_associations "
:
[
{
"router_id "
:
"61222227-49eb-4dcc-b2d6-66bbfb2fdd7a "
,
"tenant_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"project_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"id "
:
"95277be7-a231-4e96-9625-8f9fe41de9d6 "
,
"advertise_extra_routes "
:
true
}
]
}
Creates a router association for a given BGP VPN
Normal response codes: 201
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn_id | path | string | The ID of the BGP VPN. |
| router_association | body | object |
A
router_association
object represents the binding of a BGP VPN
to a Neutron router.
|
| router_id | body | string | The ID of a Neutron router with which to associate the BGP VPN. |
{
"router_association "
:
{
"router_id "
:
"b58a6241-6e49-4b11-87c6-8e0606dde796 "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| router_association | body | object |
A
router_association
object represents the binding of a BGP VPN
to a Neutron router.
|
| id | body | string | The ID of an association between a router and a BGP VPN. |
| router_id | body | string | The ID of a Neutron router with which to associate the BGP VPN. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
{
"router_association "
:
{
"router_id "
:
"46a1a80b-7c42-4c45-88fd-b531e636969f "
,
"tenant_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"project_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"id "
:
"c63149a0-a0b3-4ca7-aba4-9aaa1b39d7f3 "
,
"advertise_extra_routes "
:
true
}
}
Shows details for a router association.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn_id | path | string | The ID of the BGP VPN. |
| router_association_id | path | string | The ID of an association between a router and a BGP VPN. |
| Name | In | Type | Description |
|---|---|---|---|
| router_association | body | object |
A
router_association
object represents the binding of a BGP VPN
to a Neutron router.
|
| id | body | string | The ID of an association between a router and a BGP VPN. |
| router_id | body | string | The ID of a Neutron router with which to associate the BGP VPN. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
{
"router_association "
:
{
"id "
:
"c63149a0-a0b3-4ca7-aba4-9aaa1b39d7f3 "
,
"router_id "
:
"46a1a80b-7c42-4c45-88fd-b531e636969f "
,
"tenant_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"project_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"advertise_extra_routes "
:
true
}
}
Note
This operation is only available when the
bgpvpn-routes-control
API extension is enabled.
Updates a router association.
Normal response codes: 201
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn_id | path | string | The ID of the BGP VPN. |
| router_association_id | path | string | The ID of an association between a router and a BGP VPN. |
| router_association | body | object |
A
router_association
object represents the binding of a BGP VPN
to a Neutron router.
|
| advertise_extra_routes (Optional) | body | boolean |
Boolean flag controlling whether or not the routes specified in the
routes
attribute of the router will be advertised to the BGPVPN
(default: true).
|
{
"router_association "
:
{
"router_id "
:
"46a1a80b-7c42-4c45-88fd-b531e636969f "
,
"advertise_extra_routes "
:
false
}
}
| Name | In | Type | Description |
|---|---|---|---|
| router_association | body | object |
A
router_association
object represents the binding of a BGP VPN
to a Neutron router.
|
| id | body | string | The ID of an association between a router and a BGP VPN. |
| router_id | body | string | The ID of a Neutron router with which to associate the BGP VPN. |
| project_id | body | string | The ID of the project. |
| advertise_extra_routes | body | boolean |
Boolean flag controlling whether or not the routes specified in the
routes
attribute of the router will be advertised to the BGPVPN.
|
{
"router_association "
:
{
"id "
:
"c63149a0-a0b3-4ca7-aba4-9aaa1b39d7f3 "
,
"project_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"router_id "
:
"46a1a80b-7c42-4c45-88fd-b531e636969f "
,
"advertise_extra_routes "
:
false
}
}
Deletes a router association.
Normal response codes: 204
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn_id | path | string | The ID of the BGP VPN. |
| router_association_id | path | string | The ID of an association between a router and a BGP VPN. |
There is no body content for the response of a successful DELETE request.
Port associations are available if the
bgpvpn-routes-control
extension
is available.
Associating or disassociating a BGPVPN to a Port is done by manipulating a Port association API resource as a sub-resource of the BGPVPN resource.
The semantic behind this API call is a form of policy-based routing: the traffic from the given Port will be processed according to dataplane lookups specific to this Port. This means, in particular that Ports belonging to a given neutron network will possibly see a different L2 or L3 connectivity if they have different BGPVPN associations.
When, a port association is defined for a given port, and at the same time, a network association is defined for the port’s network, both associations are considered simultaneously active and the connectivity will be established between the port and the BGPVPNs in both associations. This is true also in the case where multiple associations are made, and for a router associations of a router connected to the port’s network.
Additionally to providing Port-level granularity in the definition of BGPVPN connectivity, port associations also provide a way to control the advertisement of routes other than only the fixed IPs of neutron ports.
So-called static routes are defined as follows: to indicate that prefix
20.1.0.0/16 is reachable via port A and should be advertised
accordingly in BGPVPN X, a port association is defined between port A
and BGPVPN X, with the
routes
attribute set to
[
{'type':
'prefix',
'prefix':
'20.1.0.0/16'}
]
.
Route leaking of the routes of a given BGPVPN into another BGPVPN belonging
to the same tenant, is supported similarily: to indicate that all the prefixes
advertised to BGPVPN Y are reachable via port A (i.e. the routes tagged with at
least an RT belonging to
route_targets
or
import_targets
of BGPVPN Y),
and that they should be leaked into BGPVPN X, a port association is defined
between port A and BGPVPN X, with the
routes
attribute set to
[
{'type':
'bgpvpn',
'bgpvpn_id':
<uuid
of
BGPVPN
Y >}
]
.
The BGP LOCAL_PREF for a specific route can be controlled to take a different
value than the one defined in the BGPVPN
local_pref
attribute, by
adding a
'local_pref':
VALUE
in a route in the
routes
attribute (see
example in port association Update request).
Lists port associations for a given BGP VPN.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn_id | path | string | The ID of the BGP VPN. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| port_associations | body | array |
A list of
port_association
objects which represent bindings
of MPLS networks to Neutron ports.
|
| id | body | string | The ID of an association between a port and a BGP VPN. |
| port_id | body | string | The ID of a Neutron port with which to associate the BGP VPN. |
| project_id | body | string | The ID of the project. |
| routes | body | array |
List of routes, each route being a dict with at least a
For the
For the
For both types, the
|
| advertise_fixed_ips | body | boolean | Boolean flag controlling whether or not the fixed IPs of a port will be advertised to the BGPVPN. |
{
"port_associations "
:
[
{
"id "
:
"95277be7-a231-4e96-9625-8f9fe41de9d6 "
,
"port_id "
:
"61222227-49eb-4dcc-b2d6-66bbfb2fdd7a "
,
"project_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"routes "
:
[
{
"type "
:
"prefix "
,
"prefix "
:
"20.1.0.0/16 "
}
],
"advertise_fixed_ips "
:
true
}
]
}
Creates a port association for a given BGP VPN
Normal response codes: 201
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn_id | path | string | The ID of the BGP VPN. |
| port_association | body | object |
A
port_association
object represents the binding of a BGP VPN
to a Neutron port.
|
| port_id | body | string | The ID of a Neutron port with which to associate the BGP VPN. |
| routes (Optional) | body | array |
List of routes, each route being a dict with at least a
For the
For the
For both types, the
|
| advertise_fixed_ips (Optional) | body | boolean | Boolean flag controlling whether or not the fixed IPs of a port will be advertised to the BGPVPN (default: true). |
{
"port_association "
:
{
"port_id "
:
"b58a6241-6e49-4b11-87c6-8e0606dde796 "
,
"routes "
:
[
{
"type "
:
"prefix "
,
"prefix "
:
"20.1.0.0/16 "
}
]
}
}
| Name | In | Type | Description |
|---|---|---|---|
| port_association | body | object |
A
port_association
object represents the binding of a BGP VPN
to a Neutron port.
|
| id | body | string | The ID of an association between a port and a BGP VPN. |
| port_id | body | string | The ID of a Neutron port with which to associate the BGP VPN. |
| project_id | body | string | The ID of the project. |
| routes | body | array |
List of routes, each route being a dict with at least a
For the
For the
For both types, the
|
| advertise_fixed_ips | body | boolean | Boolean flag controlling whether or not the fixed IPs of a port will be advertised to the BGPVPN. |
{
"port_association "
:
{
"id "
:
"c63149a0-a0b3-4ca7-aba4-9aaa1b39d7f3 "
,
"port_id "
:
"46a1a80b-7c42-4c45-88fd-b531e636969f "
,
"project_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"routes "
:
[
{
"type "
:
"prefix "
,
"prefix "
:
"20.1.0.0/16 "
}
],
"advertise_fixed_ips "
:
true
}
}
Shows details for a port association.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn_id | path | string | The ID of the BGP VPN. |
| port_association_id | path | string | The ID of an association between a port and a BGP VPN. |
| Name | In | Type | Description |
|---|---|---|---|
| port_association | body | object |
A
port_association
object represents the binding of a BGP VPN
to a Neutron port.
|
| id | body | string | The ID of an association between a port and a BGP VPN. |
| port_id | body | string | The ID of a Neutron port with which to associate the BGP VPN. |
| project_id | body | string | The ID of the project. |
| routes | body | array |
List of routes, each route being a dict with at least a
For the
For the
For both types, the
|
| advertise_fixed_ips | body | boolean | Boolean flag controlling whether or not the fixed IPs of a port will be advertised to the BGPVPN. |
{
"port_association "
:
{
"id "
:
"c63149a0-a0b3-4ca7-aba4-9aaa1b39d7f3 "
,
"port_id "
:
"46a1a80b-7c42-4c45-88fd-b531e636969f "
,
"project_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"routes "
:
[
{
"type "
:
"prefix "
,
"prefix "
:
"20.1.0.0/16 "
}
],
"advertise_fixed_ips "
:
true
}
}
Updates a port Association.
Normal response codes: 201
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn_id | path | string | The ID of the BGP VPN. |
| port_association_id | path | string | The ID of an association between a port and a BGP VPN. |
| port_association | body | object |
A
port_association
object represents the binding of a BGP VPN
to a Neutron port.
|
| routes (Optional) | body | array |
List of routes, each route being a dict with at least a
For the
For the
For both types, the
|
| advertise_fixed_ips (Optional) | body | boolean | Boolean flag controlling whether or not the fixed IPs of a port will be advertised to the BGPVPN (default: true). |
{
"port_association "
:
{
"port_id "
:
"46a1a80b-7c42-4c45-88fd-b531e636969f "
,
"routes "
:
[
{
"type "
:
"bgpvpn "
,
"bgpvpn_id "
:
"180630e3-9eae-4ba7-9939-d5f47966e1f0 "
,
"local_pref "
:
111
}
],
"advertise_fixed_ips "
:
false
}
}
| Name | In | Type | Description |
|---|---|---|---|
| port_association | body | object |
A
port_association
object represents the binding of a BGP VPN
to a Neutron port.
|
| id | body | string | The ID of an association between a port and a BGP VPN. |
| port_id | body | string | The ID of a Neutron port with which to associate the BGP VPN. |
| project_id | body | string | The ID of the project. |
| routes | body | array |
List of routes, each route being a dict with at least a
For the
For the
For both types, the
|
| advertise_fixed_ips | body | boolean | Boolean flag controlling whether or not the fixed IPs of a port will be advertised to the BGPVPN. |
{
"port_association "
:
{
"id "
:
"c63149a0-a0b3-4ca7-aba4-9aaa1b39d7f3 "
,
"port_id "
:
"46a1a80b-7c42-4c45-88fd-b531e636969f "
,
"project_id "
:
"b7549121395844bea941bb92feb3fad9 "
,
"routes "
:
[
{
"type "
:
"bgpvpn "
,
"bgpvpn_id "
:
"180630e3-9eae-4ba7-9939-d5f47966e1f0 "
,
"local_pref "
:
111
}
],
"advertise_fixed_ips "
:
false
}
}
Deletes a port association.
Normal response codes: 204
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| bgpvpn_id | path | string | The ID of the BGP VPN. |
| port_association_id | path | string | The ID of an association between a port and a BGP VPN. |
There is no body content for the response of a successful DELETE request.
The
logging
extension lists, creates, shows information for, and updates
log resource.
The
standard-attr-timestamp
extension adds the
created_at
and
updated_at
attributes to all resources that have standard attributes.
Lists all log resources associated with your project.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
The list might be empty.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| name (Optional) | query | string | Filter the list result by the human-readable name of the resource. |
| description (Optional) | query | string | Filter the list result by the human-readable description of the resource. |
| tenant_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| project_id (Optional) | query | string | Filter the list result by the ID of the project that owns the resource. |
| event (Optional) | query | string |
Filter the log list result by the type of security events,
which is
ACCEPT
,
DROP
, or
ALL
.
|
| revision_number (Optional) | query | integer | Filter the list result by the revision number of the resource. |
| resource_type (Optional) | query | string |
Filter the log list result by the resource type such as
security_group
.
|
| resource_id (Optional) | query | string | Filter the log list result by the ID of resource (e.g security group ID). |
| target_id (Optional) | query | string | Filter the log list result by the ID of resource that is the logging target. |
| enabled (Optional) | query | boolean |
Filter the log list result based on this log object is enabled (
true
)
or disabled (
false
).
|
| sort_dir (Optional) | query | string |
Sort direction. A valid value is
asc
(ascending) or
desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters.
|
| sort_key (Optional) | query | string |
Sorts by a log attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| logs | body | array |
A list of
log
objects.
|
| id | body | string | The ID of the log object. |
| name | body | string | Human-readable name of the resource. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | A human-readable description for the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| event | body | string |
Type of security events to log.
ACCEPT
,
DROP
, or
ALL
.
|
| revision_number | body | integer | The revision number of the resource. |
| resource_type | body | string | The resource log type such as ‘security_group’. |
| resource_id | body | string | The ID of resource log (e.g security group ID). |
| target_id | body | string | The ID of resource target log such as port ID. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| enabled | body | boolean | Indicates whether this log object is enabled or disabled. |
{
"logs "
:
[
{
"name "
:
"security group log "
,
"description "
:
"Log for project demo."
,
"id "
:
"46ebaec0-0570-43ac-82f6-60d2b03168c4 "
,
"project_id "
:
"92a5a4f4245a4abbafacb7ca73b027b0 "
,
"tenant_id "
:
"92a5a4f4245a4abbafacb7ca73b027b0 "
,
"created_at "
:
"2018-04-03T21:03:04Z "
,
"updated_at "
:
"2018-04-03T21:03:04Z "
,
"enabled "
:
true
,
"revision_number "
:
1
,
"resource_type "
:
"security_group "
,
"resource_id "
:
null
,
"target_id "
:
null
,
"event "
:
"ALL "
}
]
}
Creates a log resource.
Creates a log resource by using the configuration that you define in the request object. A response object is returned. The object contains a unique ID.
If the caller is not an administrative user, this call returns the
HTTP
Forbidden
(403)
response code.
Users with an administrative role can create policies on behalf of other projects by specifying a project ID that is different than their own.
Normal response codes: 201
Error response codes: 400, 401, 403, 409
| Name | In | Type | Description |
|---|---|---|---|
| log | body | object |
A
log
object.
|
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| tenant_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| event (Optional) | body | string |
Type of security events to log.
ACCEPT
,
DROP
, or
ALL
.
Default is
ALL
.
|
| resource_type | body | string | The resource log type such as ‘security_group’. |
| resource_id (Optional) | body | string | The ID of resource log (e.g security group ID). |
| target_id (Optional) | body | string | The ID of resource target log such as port ID. |
| enabled (Optional) | body | boolean | Indicates whether this log object is enabled or disabled. Default is true. |
{
"log "
:
{
"name "
:
"security group log "
,
"description "
:
"Log for project demo."
,
"resource_type "
:
"security_group "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| log | body | object |
A
log
object.
|
| id | body | string | The ID of the log object. |
| name | body | string | Human-readable name of the resource. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | A human-readable description for the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| event | body | string |
Type of security events to log.
ACCEPT
,
DROP
, or
ALL
.
|
| revision_number | body | integer | The revision number of the resource. |
| resource_type | body | string | The resource log type such as ‘security_group’. |
| resource_id | body | string | The ID of resource log (e.g security group ID). |
| target_id | body | string | The ID of resource target log such as port ID. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| enabled | body | boolean | Indicates whether this log object is enabled or disabled. |
{
"log "
:
{
"name "
:
"security group log "
,
"description "
:
"Log for project demo."
,
"id "
:
"46ebaec0-0570-43ac-82f6-60d2b03168c4 "
,
"project_id "
:
"92a5a4f4245a4abbafacb7ca73b027b0 "
,
"tenant_id "
:
"92a5a4f4245a4abbafacb7ca73b027b0 "
,
"created_at "
:
"2018-04-03T21:03:04Z "
,
"updated_at "
:
"2018-04-03T21:03:04Z "
,
"enabled "
:
true
,
"resource_type "
:
"security_group "
,
"resource_id "
:
null
,
"revision_number "
:
1
,
"target_id "
:
null
,
"event "
:
"ALL "
}
}
Shows details log resource.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| log_id | path | string | The ID of the log resource. |
| Name | In | Type | Description |
|---|---|---|---|
| log | body | object |
A
log
object.
|
| id | body | string | The ID of the log object. |
| name | body | string | Human-readable name of the resource. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | A human-readable description for the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| event | body | string |
Type of security events to log.
ACCEPT
,
DROP
, or
ALL
.
|
| revision_number | body | integer | The revision number of the resource. |
| resource_type | body | string | The resource log type such as ‘security_group’. |
| resource_id | body | string | The ID of resource log (e.g security group ID). |
| target_id | body | string | The ID of resource target log such as port ID. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| enabled | body | boolean | Indicates whether this log object is enabled or disabled. |
{
"log "
:
{
"name "
:
"security group log "
,
"description "
:
"Log for project demo."
,
"id "
:
"46ebaec0-0570-43ac-82f6-60d2b03168c4 "
,
"project_id "
:
"8d4c70a21fed4aeba121a1a429ba0d04 "
,
"tenant_id "
:
"8d4c70a21fed4aeba121a1a429ba0d04 "
,
"created_at "
:
"2018-04-03T21:03:04Z "
,
"updated_at "
:
"2018-04-03T21:03:04Z "
,
"enabled "
:
true
,
"revision_number "
:
1
,
"resource_type "
:
"security_group "
,
"resource_id "
:
null
,
"target_id "
:
null
,
"event "
:
"ACCEPT "
}
}
Updates a log resource.
Normal response codes: 200
Error response codes: 400, 401, 404, 412
| Name | In | Type | Description |
|---|---|---|---|
| log_id | path | string | The ID of the log resource. |
| log | body | object |
A
log
object.
|
| name (Optional) | body | string | Human-readable name of the resource. Default is an empty string. |
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
| enabled (Optional) | body | boolean | Indicates whether this log object is enabled or disabled. |
{
"log "
:
{
"enabled "
:
false
}
}
| Name | In | Type | Description |
|---|---|---|---|
| log | body | object |
A
log
object.
|
| id | body | string | The ID of the log object. |
| name | body | string | Human-readable name of the resource. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | A human-readable description for the resource. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| event | body | string |
Type of security events to log.
ACCEPT
,
DROP
, or
ALL
.
|
| revision_number | body | integer | The revision number of the resource. |
| resource_type | body | string | The resource log type such as ‘security_group’. |
| resource_id | body | string | The ID of resource log (e.g security group ID). |
| target_id | body | string | The ID of resource target log such as port ID. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| enabled | body | boolean | Indicates whether this log object is enabled or disabled. |
{
"log "
:
{
"name "
:
"security group log "
,
"description "
:
"Log for project demo."
,
"id "
:
"46ebaec0-0570-43ac-82f6-60d2b03168c4 "
,
"project_id "
:
"8d4c70a21fed4aeba121a1a429ba0d04 "
,
"tenant_id "
:
"8d4c70a21fed4aeba121a1a429ba0d04 "
,
"created_at "
:
"2018-04-03T21:03:04Z "
,
"updated_at "
:
"2018-04-03T21:03:04Z "
,
"enabled "
:
false
,
"revision_number "
:
3
,
"resource_type "
:
"security_group "
,
"resource_id "
:
null
,
"target_id "
:
null
,
"event "
:
"DROP "
}
}
Lists all resource log types are supporting.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| loggable_resources | body | object |
A list of
loggable_resource
object.
|
| type | body | string | The resource log type such as ‘security_group’. |
{
"loggable_resources "
:
[
{
"type "
:
"security_group "
}
]
}
Introduces a new
interconnection
resource.
When an interconnection is created by a tenant, parameters specific to the
interconnection mechanism (
local_parameters
and
remote_parameters
) are
only visible by the admin or users with specific role (default role:
neutron_interconnection_peer
).
Creates, modifies, and deletes Neutron-Neutron interconnections.
Lists all interconnections belonging to the project.
Use the
fields
query parameter to control which fields are
returned in the response body. Additionally, you can filter results
by using query string parameters. For information, see Filtering
and Column Selection
.
Normal response codes: 200
Error response codes: 400, 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| interconnections | body | array |
A list of
interconnection
objects.
|
| project_id | body | string | The ID of the project. |
| id | body | string |
The ID of the
interconnection
.
|
| name | body | string |
Name of the
interconnection
.
|
| type | body | string |
Selection of the type of interconnection. Allowed values are
network_l2
,
network_l3
or
router
. Default is
network_l3
.
|
| state | body | string |
Indicates the state of the
interconnection
.
|
| local_resource_id | body | string | The ID of the local Neutron resource (network or router) to interconnect with remote Neutron resource. |
| remote_resource_id | body | string | The ID of the remote Neutron resource (network or router) to interconnect with local Neutron resource. |
| remote_keystone (Optional) | body | string |
auth_url
of the remote Keystone service.
|
| remote_region (Optional) | body | string | Remote region name. |
| remote_interconnection_id | body | string |
ID of the symmetric
interconnection
exchanged with remote Neutron.
|
| local_parameters (Optional) | body | dict |
Parameters specific to local interconnection mechanism, represented by a
dict with a type (
bgpvpn
,
vxlan
, etc…) key and corresponding
identifier (BGPVPN RT, VNI, etc…) value.
|
| remote_parameters (Optional) | body | dict |
Parameters specific to remote interconnection mechanism exchanged with
remote Neutron, represented by a dict with a type (
bgpvpn
,
vxlan
,
etc…) key and corresponding identifier (BGPVPN RT, VNI, etc…) value.
|
{
"interconnections "
:
[
{
"id "
:
"1bdffef1-fc49-4299-b9b5-005a2861e716 "
,
"project_id "
:
"5455570dafa34c32abb69c70005a57de "
,
"name "
:
"interconnection1 "
,
"type "
:
"router "
,
"state "
:
"ACTIVE "
,
"local_resource_id "
:
"5d6820bf-a528-4e0c-85df-c2e771368d55 "
,
"remote_resource_id "
:
"a02d408d-7493-4291-b7bc-56894d063693 "
,
"remote_keystone "
:
"http://10.0.0.100/identity "
,
"remote_region "
:
"RegionOne "
,
"remote_interconnection_id "
:
"5f063750-ad6d-4bbe-8b82-aeb49d48ce2d "
,
"local_parameters "
:
{
"bgpvpn "
:
"64512:10 "
},
"remote_parameters "
:
{
"bgpvpn "
:
"64512:20 "
}
}
]
}
Creates an interconnection.
Normal response codes: 201
Error response codes: 400, 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| interconnection | body | object |
An
interconnection
object.
|
| project_id (Optional) | body | string | The ID of the project that owns the resource. Only administrative and users with advsvc role can specify a project ID other than their own. You cannot change this value through authorization policies. |
| name (Optional) | body | string |
Name of the
interconnection
.
|
| type (Optional) | body | string |
Selection of the type of interconnection. Allowed values are
network_l2
,
network_l3
or
router
. Default is
network_l3
.
|
| local_resource_id | body | string | The ID of the local Neutron resource (network or router) to interconnect with remote Neutron resource. |
| remote_resource_id | body | string | The ID of the remote Neutron resource (network or router) to interconnect with local Neutron resource. |
| remote_keystone (Optional) | body | string |
auth_url
of the remote Keystone service.
|
| remote_region (Optional) | body | string | Remote region name. |
{
"interconnection "
:
{
"project_id "
:
"5455570dafa34c32abb69c70005a57de "
,
"name "
:
"interconnection1 "
,
"type "
:
"network_l3 "
,
"local_resource_id "
:
"5d6820bf-a528-4e0c-85df-c2e771368d55 "
,
"remote_resource_id "
:
"a02d408d-7493-4291-b7bc-56894d063693 "
,
"remote_keystone "
:
"http://10.0.0.100/identity "
,
"remote_region "
:
"RegionOne "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| interconnection | body | object |
An
interconnection
object.
|
| project_id | body | string | The ID of the project. |
| id | body | string |
The ID of the
interconnection
.
|
| name | body | string |
Name of the
interconnection
.
|
| type | body | string |
Selection of the type of interconnection. Allowed values are
network_l2
,
network_l3
or
router
. Default is
network_l3
.
|
| state | body | string |
Indicates the state of the
interconnection
.
|
| local_resource_id | body | string | The ID of the local Neutron resource (network or router) to interconnect with remote Neutron resource. |
| remote_resource_id | body | string | The ID of the remote Neutron resource (network or router) to interconnect with local Neutron resource. |
| remote_keystone (Optional) | body | string |
auth_url
of the remote Keystone service.
|
| remote_region (Optional) | body | string | Remote region name. |
| remote_interconnection_id | body | string |
ID of the symmetric
interconnection
exchanged with remote Neutron.
|
| local_parameters (Optional) | body | dict |
Parameters specific to local interconnection mechanism, represented by a
dict with a type (
bgpvpn
,
vxlan
, etc…) key and corresponding
identifier (BGPVPN RT, VNI, etc…) value.
|
| remote_parameters (Optional) | body | dict |
Parameters specific to remote interconnection mechanism exchanged with
remote Neutron, represented by a dict with a type (
bgpvpn
,
vxlan
,
etc…) key and corresponding identifier (BGPVPN RT, VNI, etc…) value.
|
{
"interconnection "
:
{
"id "
:
"1bdffef1-fc49-4299-b9b5-005a2861e716 "
,
"project_id "
:
"5455570dafa34c32abb69c70005a57de "
,
"name "
:
"interconnection1 "
,
"type "
:
"network_l3 "
,
"state "
:
"TO_VALIDATE "
,
"local_resource_id "
:
"5d6820bf-a528-4e0c-85df-c2e771368d55 "
,
"remote_resource_id "
:
"a02d408d-7493-4291-b7bc-56894d063693 "
,
"remote_keystone "
:
"http://10.0.0.100/identity "
,
"remote_region "
:
"RegionOne "
,
"remote_interconnection_id "
:
null
}
}
Shows an interconnection details.
Normal response codes: 200
Error response codes: 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| interconnection_id | path | string | The ID of the interconnection. |
| Name | In | Type | Description |
|---|---|---|---|
| interconnection | body | object |
An
interconnection
object.
|
| project_id | body | string | The ID of the project. |
| id | body | string |
The ID of the
interconnection
.
|
| name | body | string |
Name of the
interconnection
.
|
| type | body | string |
Selection of the type of interconnection. Allowed values are
network_l2
,
network_l3
or
router
. Default is
network_l3
.
|
| state | body | string |
Indicates the state of the
interconnection
.
|
| local_resource_id | body | string | The ID of the local Neutron resource (network or router) to interconnect with remote Neutron resource. |
| remote_resource_id | body | string | The ID of the remote Neutron resource (network or router) to interconnect with local Neutron resource. |
| remote_keystone (Optional) | body | string |
auth_url
of the remote Keystone service.
|
| remote_region (Optional) | body | string | Remote region name. |
| remote_interconnection_id | body | string |
ID of the symmetric
interconnection
exchanged with remote Neutron.
|
| local_parameters (Optional) | body | dict |
Parameters specific to local interconnection mechanism, represented by a
dict with a type (
bgpvpn
,
vxlan
, etc…) key and corresponding
identifier (BGPVPN RT, VNI, etc…) value.
|
| remote_parameters (Optional) | body | dict |
Parameters specific to remote interconnection mechanism exchanged with
remote Neutron, represented by a dict with a type (
bgpvpn
,
vxlan
,
etc…) key and corresponding identifier (BGPVPN RT, VNI, etc…) value.
|
{
"interconnection "
:
{
"id "
:
"1bdffef1-fc49-4299-b9b5-005a2861e716 "
,
"project_id "
:
"5455570dafa34c32abb69c70005a57de "
,
"name "
:
"interconnection1 "
,
"type "
:
"router "
,
"state "
:
"ACTIVE "
,
"local_resource_id "
:
"5d6820bf-a528-4e0c-85df-c2e771368d55 "
,
"remote_resource_id "
:
"a02d408d-7493-4291-b7bc-56894d063693 "
,
"remote_keystone "
:
"http://10.0.0.100/identity "
,
"remote_region "
:
"RegionOne "
,
"remote_interconnection_id "
:
"5f063750-ad6d-4bbe-8b82-aeb49d48ce2d "
,
"local_parameters "
:
{
"bgpvpn "
:
"64512:10 "
},
"remote_parameters "
:
{
"bgpvpn "
:
"64512:20 "
}
}
}
Updates an interconnection.
Normal response codes: 201
Error response codes: 400, 401, 403, 404
A user can only update the name parameter.
| Name | In | Type | Description |
|---|---|---|---|
| interconnection_id | path | string | The ID of the interconnection. |
| interconnection | body | object |
An
interconnection
object.
|
| name (Optional) | body | string |
Name of the
interconnection
.
|
{
"interconnection "
:
{
"name "
:
"foo "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| interconnection | body | object |
An
interconnection
object.
|
| project_id | body | string | The ID of the project. |
| id | body | string |
The ID of the
interconnection
.
|
| name | body | string |
Name of the
interconnection
.
|
| type | body | string |
Selection of the type of interconnection. Allowed values are
network_l2
,
network_l3
or
router
. Default is
network_l3
.
|
| state | body | string |
Indicates the state of the
interconnection
.
|
| local_resource_id | body | string | The ID of the local Neutron resource (network or router) to interconnect with remote Neutron resource. |
| remote_resource_id | body | string | The ID of the remote Neutron resource (network or router) to interconnect with local Neutron resource. |
| remote_keystone (Optional) | body | string |
auth_url
of the remote Keystone service.
|
| remote_region (Optional) | body | string | Remote region name. |
| remote_interconnection_id | body | string |
ID of the symmetric
interconnection
exchanged with remote Neutron.
|
| local_parameters (Optional) | body | dict |
Parameters specific to local interconnection mechanism, represented by a
dict with a type (
bgpvpn
,
vxlan
, etc…) key and corresponding
identifier (BGPVPN RT, VNI, etc…) value.
|
| remote_parameters (Optional) | body | dict |
Parameters specific to remote interconnection mechanism exchanged with
remote Neutron, represented by a dict with a type (
bgpvpn
,
vxlan
,
etc…) key and corresponding identifier (BGPVPN RT, VNI, etc…) value.
|
{
"interconnection "
:
{
"id "
:
"1bdffef1-fc49-4299-b9b5-005a2861e716 "
,
"project_id "
:
"5455570dafa34c32abb69c70005a57de "
,
"name "
:
"foo "
,
"type "
:
"network_l2 "
,
"state "
:
"VALIDATED "
,
"local_resource_id "
:
"5d6820bf-a528-4e0c-85df-c2e771368d55 "
,
"remote_resource_id "
:
"a02d408d-7493-4291-b7bc-56894d063693 "
,
"remote_keystone "
:
"http://10.0.0.100/identity "
,
"remote_region "
:
"RegionOne "
,
"remote_interconnection_id "
:
"5f063750-ad6d-4bbe-8b82-aeb49d48ce2d "
,
"local_parameters "
:
{
"bgpvpn "
:
"64512:10 "
},
"remote_parameters "
:
{}
}
}
Lists, shows details for, updates, and deletes agents.
The
agent-resources-synced
extension adds the
resources_synced
attribute
to agents.
The
availability_zone
extension adds the
availability_zone
attribute
to agents.
availability_zone
is the name of the availability zone that
the agent is running on.
Shows details for an agent.
Use the
fields
query parameter to control which fields are
returned in the response body. For information, see Filtering and
Column Selection
.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| admin_state_up (Optional) | query | boolean |
Filter the list result by the administrative state of the resource,
which is up (
true
) or down (
false
).
|
| agent_type (Optional) | query | string |
Filter the list result by the type of agent such as
Open
vSwitch
agent
or
DHCP
agent
.
|
| alive (Optional) | query | boolean | Filter the list result based on whether the agent is alive and running. |
| availability_zone (Optional) | query | string | Filter the list result by the availability zone of the agent. |
| binary (Optional) | query | string |
Filter the list result by the executable command used to start the agent
such as
neutron-openvswitch-agent
or
neutron-dhcp-agent
.
|
| description (Optional) | query | string | Filter the list result by the human-readable description of the resource. |
| host (Optional) | query | string | Filter the list result by the hostname of the system the agent is running on. |
| id (Optional) | query | string | Filter the list result by the ID of the resource. |
| topic (Optional) | query | string |
Filter the list result by the name of AMQP topic the agent is listening on
such as
dhcp_agent
.
|
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| agents | body | array |
A list of
agent
objects.
|
| agent_type | body | string |
The type of agent such as
Open
vSwitch
agent
or
DHCP
agent
.
|
| alive | body | boolean | Indicates the agent is alive and running. |
| availability_zone | body | string | The availability zone of the agent. |
| binary | body | string |
The executable command used to start the agent such as
neutron-openvswitch-agent
or
neutron-dhcp-agent
.
|
| configurations | body | object | An object containing configuration specific key/value pairs; the semantics of which are determined by the binary name and type. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | A human-readable description for the resource. |
| heartbeat_timestamp | body | string | Time at which the last heartbeat was received. |
| host | body | string | The hostname of the system the agent is running on. |
| id | body | string | The ID of the resource. |
| resources_synced (Optional) | body | boolean |
The value
null
means no resource view synchronization to Placement
was attempted.
true
/
false
values signify the success of
the last synchronization attempt. Therefore the relevant resources
in Placement can only be considered up to date if this attribute is
true
. This attribute is read-only, it is only supposed to be
updated internally, but it is readable for debugging purposes. Not all
agent types track resources via Placement, therefore the value
null
does not necessarily means there is an error in the system.
|
| started_at | body | string | Time at which the agent was started. |
| topic | body | string |
The name of AMQP topic the agent is listening on such as
dhcp_agent
. A special value of
N/A
is used when the
agent doesn’t use an AMQP topic.
|
{
"agents "
:
[
{
"binary "
:
"neutron-openvswitch-agent "
,
"description "
:
null
,
"availability_zone "
:
null
,
"heartbeat_timestamp "
:
"2017-09-12 19:40:08 "
,
"admin_state_up "
:
true
,
"alive "
:
true
,
"id "
:
"04c62b91-b799-48b7-9cd5-2982db6df9c6 "
,
"topic "
:
"N/A "
,
"host "
:
"agenthost1 "
,
"agent_type "
:
"Open vSwitch agent "
,
"started_at "
:
"2017-09-12 19:35:38 "
,
"created_at "
:
"2017-09-12 19:35:38 "
,
"resources_synced "
:
true
,
"configurations "
:
{
"ovs_hybrid_plug "
:
true
,
"in_distributed_mode "
:
false
,
"datapath_type "
:
"system "
,
"vhostuser_socket_dir "
:
"/var/run/openvswitch "
,
"tunneling_ip "
:
"172.16.78.191 "
,
"arp_responder_enabled "
:
false
,
"devices "
:
0
,
"ovs_capabilities "
:
{
"datapath_types "
:
[
"netdev "
,
"system "
],
"iface_types "
:
[
"geneve "
,
"gre "
,
"internal "
,
"ipsec_gre "
,
"lisp "
,
"patch "
,
"stt "
,
"system "
,
"tap "
,
"vxlan "
]
},
"log_agent_heartbeats "
:
false
,
"l2_population "
:
false
,
"tunnel_types "
:
[
"vxlan "
],
"extensions "
:
[
],
"enable_distributed_routing "
:
false
,
"bridge_mappings "
:
{
"public "
:
"br-ex "
}
}
},
{
"binary "
:
"neutron-dhcp-agent "
,
"description "
:
null
,
"availability_zone "
:
"nova "
,
"heartbeat_timestamp "
:
"2017-09-12 19:39:56 "
,
"admin_state_up "
:
true
,
"alive "
:
true
,
"id "
:
"840d5d68-5759-4e9e-812f-f3bd19214c7f "
,
"topic "
:
"dhcp_agent "
,
"host "
:
"agenthost1 "
,
"agent_type "
:
"DHCP agent "
,
"started_at "
:
"2017-09-12 19:35:36 "
,
"created_at "
:
"2017-09-12 19:35:36 "
,
"resources_synced "
:
null
,
"configurations "
:
{
"subnets "
:
2
,
"dhcp_lease_duration "
:
86400
,
"dhcp_driver "
:
"neutron.agent.linux.dhcp.Dnsmasq "
,
"networks "
:
1
,
"log_agent_heartbeats "
:
false
,
"ports "
:
3
}
},
{
"binary "
:
"neutron-l3-agent "
,
"description "
:
null
,
"availability_zone "
:
"nova "
,
"heartbeat_timestamp "
:
"2017-09-12 19:40:08 "
,
"admin_state_up "
:
true
,
"alive "
:
true
,
"id "
:
"a09b81fc-5a42-46d3-a306-1a5d122a7787 "
,
"topic "
:
"l3_agent "
,
"host "
:
"agenthost1 "
,
"agent_type "
:
"L3 agent "
,
"started_at "
:
"2017-09-12 19:35:38 "
,
"created_at "
:
"2017-09-12 19:35:38 "
,
"resources_synced "
:
null
,
"configurations "
:
{
"agent_mode "
:
"legacy "
,
"gateway_external_network_id "
:
""
,
"handle_internal_only_routers "
:
true
,
"routers "
:
1
,
"interfaces "
:
2
,
"floating_ips "
:
0
,
"interface_driver "
:
"openvswitch "
,
"log_agent_heartbeats "
:
false
,
"external_network_bridge "
:
""
,
"ex_gw_ports "
:
1
}
},
{
"binary "
:
"neutron-metadata-agent "
,
"description "
:
null
,
"availability_zone "
:
null
,
"heartbeat_timestamp "
:
"2017-09-12 19:40:09 "
,
"admin_state_up "
:
true
,
"alive "
:
true
,
"id "
:
"c876c9f7-1058-4b9b-90ed-20fb3f905ec4 "
,
"topic "
:
"N/A "
,
"host "
:
"agenthost1 "
,
"agent_type "
:
"Metadata agent "
,
"started_at "
:
"2017-09-12 19:35:39 "
,
"created_at "
:
"2017-09-12 19:35:39 "
,
"resources_synced "
:
null
,
"configurations "
:
{
"log_agent_heartbeats "
:
false
,
"nova_metadata_host "
:
"172.16.78.191 "
,
"nova_metadata_port "
:
8775
,
"metadata_proxy_socket "
:
"/opt/stack/data/neutron/metadata_proxy "
}
}
]
}
Shows details for an agent.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| agent_id | path | string | The ID of the agent. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| agent | body | string |
An
agent
object.
|
| agent_type | body | string |
The type of agent such as
Open
vSwitch
agent
or
DHCP
agent
.
|
| alive | body | boolean | Indicates the agent is alive and running. |
| availability_zone | body | string | The availability zone of the agent. |
| binary | body | string |
The executable command used to start the agent such as
neutron-openvswitch-agent
or
neutron-dhcp-agent
.
|
| configurations | body | object | An object containing configuration specific key/value pairs; the semantics of which are determined by the binary name and type. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | A human-readable description for the resource. |
| heartbeat_timestamp | body | string | Time at which the last heartbeat was received. |
| host | body | string | The hostname of the system the agent is running on. |
| id | body | string | The ID of the resource. |
| resources_synced (Optional) | body | boolean |
The value
null
means no resource view synchronization to Placement
was attempted.
true
/
false
values signify the success of
the last synchronization attempt. Therefore the relevant resources
in Placement can only be considered up to date if this attribute is
true
. This attribute is read-only, it is only supposed to be
updated internally, but it is readable for debugging purposes. Not all
agent types track resources via Placement, therefore the value
null
does not necessarily means there is an error in the system.
|
| started_at | body | string | Time at which the agent was started. |
| topic | body | string |
The name of AMQP topic the agent is listening on such as
dhcp_agent
. A special value of
N/A
is used when the
agent doesn’t use an AMQP topic.
|
{
"agent "
:
{
"binary "
:
"neutron-openvswitch-agent "
,
"description "
:
null
,
"availability_zone "
:
null
,
"heartbeat_timestamp "
:
"2017-09-12 19:40:38 "
,
"admin_state_up "
:
true
,
"alive "
:
true
,
"id "
:
"04c62b91-b799-48b7-9cd5-2982db6df9c6 "
,
"topic "
:
"N/A "
,
"host "
:
"agenthost1 "
,
"agent_type "
:
"Open vSwitch agent "
,
"started_at "
:
"2017-09-12 19:35:38 "
,
"created_at "
:
"2017-09-12 19:35:38 "
,
"resources_synced "
:
true
,
"configurations "
:
{
"ovs_hybrid_plug "
:
true
,
"in_distributed_mode "
:
false
,
"datapath_type "
:
"system "
,
"vhostuser_socket_dir "
:
"/var/run/openvswitch "
,
"tunneling_ip "
:
"172.16.78.191 "
,
"arp_responder_enabled "
:
false
,
"devices "
:
0
,
"ovs_capabilities "
:
{
"datapath_types "
:
[
"netdev "
,
"system "
],
"iface_types "
:
[
"geneve "
,
"gre "
,
"internal "
,
"ipsec_gre "
,
"lisp "
,
"patch "
,
"stt "
,
"system "
,
"tap "
,
"vxlan "
]
},
"log_agent_heartbeats "
:
false
,
"l2_population "
:
false
,
"tunnel_types "
:
[
"vxlan "
],
"extensions "
:
[],
"enable_distributed_routing "
:
false
,
"bridge_mappings "
:
{
"public "
:
"br-ex "
}
}
}
}
Updates an agent.
Normal response codes: 200
Error response codes: 400, 401, 403, 404
| Name | In | Type | Description |
|---|---|---|---|
| agent_id | path | string | The ID of the agent. |
| admin_state_up (Optional) | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
Default is
true
.
|
| description (Optional) | body | string | A human-readable description for the resource. Default is an empty string. |
{
"agent "
:
{
"description "
:
"My OVS agent for OpenStack "
}
}
| Name | In | Type | Description |
|---|---|---|---|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| agent | body | string |
An
agent
object.
|
| agent_type | body | string |
The type of agent such as
Open
vSwitch
agent
or
DHCP
agent
.
|
| alive | body | boolean | Indicates the agent is alive and running. |
| availability_zone | body | string | The availability zone of the agent. |
| binary | body | string |
The executable command used to start the agent such as
neutron-openvswitch-agent
or
neutron-dhcp-agent
.
|
| configurations | body | object | An object containing configuration specific key/value pairs; the semantics of which are determined by the binary name and type. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | A human-readable description for the resource. |
| heartbeat_timestamp | body | string | Time at which the last heartbeat was received. |
| host | body | string | The hostname of the system the agent is running on. |
| id | body | string | The ID of the resource. |
| resources_synced (Optional) | body | boolean |
The value
null
means no resource view synchronization to Placement
was attempted.
true
/
false
values signify the success of
the last synchronization attempt. Therefore the relevant resources
in Placement can only be considered up to date if this attribute is
true
. This attribute is read-only, it is only supposed to be
updated internally, but it is readable for debugging purposes. Not all
agent types track resources via Placement, therefore the value
null
does not necessarily means there is an error in the system.
|
| started_at | body | string | Time at which the agent was started. |
| topic | body | string |
The name of AMQP topic the agent is listening on such as
dhcp_agent
. A special value of
N/A
is used when the
agent doesn’t use an AMQP topic.
|
{
"agent "
:
{
"binary "
:
"neutron-openvswitch-agent "
,
"description "
:
"My OVS agent for OpenStack "
,
"availability_zone "
:
null
,
"heartbeat_timestamp "
:
"2017-09-12 19:40:38 "
,
"admin_state_up "
:
true
,
"alive "
:
true
,
"id "
:
"04c62b91-b799-48b7-9cd5-2982db6df9c6 "
,
"topic "
:
"N/A "
,
"host "
:
"agenthost1 "
,
"agent_type "
:
"Open vSwitch agent "
,
"started_at "
:
"2017-09-12 19:35:38 "
,
"created_at "
:
"2017-09-12 19:35:38 "
,
"resources_synced "
:
true
,
"configurations "
:
{
"ovs_hybrid_plug "
:
true
,
"in_distributed_mode "
:
false
,
"datapath_type "
:
"system "
,
"vhostuser_socket_dir "
:
"/var/run/openvswitch "
,
"tunneling_ip "
:
"172.16.78.191 "
,
"arp_responder_enabled "
:
false
,
"devices "
:
0
,
"ovs_capabilities "
:
{
"datapath_types "
:
[
"netdev "
,
"system "
],
"iface_types "
:
[
"geneve "
,
"gre "
,
"internal "
,
"ipsec_gre "
,
"lisp "
,
"patch "
,
"stt "
,
"system "
,
"tap "
,
"vxlan "
]
},
"log_agent_heartbeats "
:
false
,
"l2_population "
:
false
,
"tunnel_types "
:
[
"vxlan "
],
"extensions "
:
[],
"enable_distributed_routing "
:
false
,
"bridge_mappings "
:
{
"public "
:
"br-ex "
}
}
}
}
Agents that won’t be used anymore can be removed. Before deleting agents via API, the agent should be stopped/disabled.
Normal response codes: 204
Error response codes: 401, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| agent_id | path | string | The ID of the agent. |
There is no body content for the response of a successful DELETE request.
Lists availability zones.
Lists all availability zones.
Normal response codes: 200
Error response codes: 401
| Name | In | Type | Description |
|---|---|---|---|
| state (Optional) | query | string |
Filter the list result by the state of the availability zone, which is
either
available
or
unavailable
.
|
| resource (Optional) | query | string |
Filter the list result by the resource type of the availability zone.
The supported resource types are
network
and
router
.
|
| name (Optional) | query | string | Filter the list result by the human-readable name of the resource. |
| Name | In | Type | Description |
|---|---|---|---|
| availability_zones | body | array |
A list of
availability
zone
objects.
|
| state | body | string |
The state of the availability zone, which is either
available
or
unavailable
.
|
| resource | body | string |
The resource type of the availability zone. The supported resource types
are
network
and
router
.
|
| name | body | string | Human-readable name of the resource. |
{
"availability_zones "
:
[
{
"state "
:
"available "
,
"resource "
:
"router "
,
"name "
:
"nova "
},
{
"state "
:
"available "
,
"resource "
:
"network "
,
"name "
:
"nova "
}
]
}
The L3 agent scheduler extension (
l3_agent_scheduler
) allows administrators
to assign Neutron routers to Neutron L3 agents, and retrieve mappings between
Neutron routers and L3 agents.
Lists routers that an l3 agent hosts.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| agent_id | path | string | The ID of the agent. |
| Name | In | Type | Description |
|---|---|---|---|
| routers | body | array |
A list of
router
objects.
|
| id | body | string | The ID of the router. |
| tenant_id | body | string | The ID of the project. |
| project_id | body | string | The ID of the project. |
| name | body | string | Human-readable name of the resource. |
| description | body | string | A human-readable description for the resource. |
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| status | body | string | The router status. |
| external_gateway_info | body | object |
The external gateway information of the router.
If the router has an external gateway, this would be a dict with
network_id
,
enable_snat
and
external_fixed_ips
.
Otherwise, this would be
null
.
|
| revision_number | body | integer | The revision number of the resource. |
| routes | body | array |
The extra routes configuration for L3 router.
A list of dictionaries with
destination
and
nexthop
parameters.
It is available when
extraroute
extension is enabled.
|
| destination | body | string | The destination CIDR. |
| nexthop | body | string | The IP address of the next hop for the corresponding destination. The next hop IP address must be a part of one of the subnets to which the router interfaces are connected. |
| distributed | body | boolean |
true
indicates a distributed router.
It is available when
dvr
extension is enabled.
|
| ha | body | boolean |
true
indicates a highly-available router.
It is available when
l3-ha
extension is enabled.
|
| availability_zone_hints | body | array |
The availability zone candidates for the router.
It is available when
router_availability_zone
extension is enabled.
|
| availability_zones | body | array |
The availability zone(s) for the router.
It is available when
router_availability_zone
extension is enabled.
|
| service_type_id | body | string | The ID of the service type associated with the router. |
| flavor_id | body | string | The ID of the flavor associated with the router. |
{
"routers "
:
[
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"description "
:
""
,
"distributed "
:
false
,
"external_gateway_info "
:
{
"enable_snat "
:
true
,
"external_fixed_ips "
:
[
{
"ip_address "
:
"172.24.4.3 "
,
"subnet_id "
:
"b930d7f6-ceb7-40a0-8b81-a425dd994ccf "
},
{
"ip_address "
:
"2001:db8::c "
,
"subnet_id "
:
"0c56df5d-ace5-46c8-8f4c-45fa4e334d18 "
}
],
"network_id "
:
"ae34051f-aa6c-4c75-abf5-50dc9ac99ef3 "
},
"flavor_id "
:
"f7b14d9a-b0dc-4fbe-bb14-a0f4970a69e0 "
,
"ha "
:
false
,
"id "
:
"915a14a6-867b-4af7-83d1-70efceb146f9 "
,
"name "
:
"router2 "
,
"revision_number "
:
1
,
"routes "
:
[
{
"destination "
:
"179.24.1.0/24 "
,
"nexthop "
:
"172.24.3.99 "
}
],
"status "
:
"ACTIVE "
,
"project_id "
:
"0bd18306d801447bb457a46252d82d13 "
,
"tenant_id "
:
"0bd18306d801447bb457a46252d82d13 "
,
"service_type_id "
:
null
},
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"description "
:
""
,
"distributed "
:
false
,
"external_gateway_info "
:
{
"enable_snat "
:
true
,
"external_fixed_ips "
:
[
{
"ip_address "
:
"172.24.4.6 "
,
"subnet_id "
:
"b930d7f6-ceb7-40a0-8b81-a425dd994ccf "
},
{
"ip_address "
:
"2001:db8::9 "
,
"subnet_id "
:
"0c56df5d-ace5-46c8-8f4c-45fa4e334d18 "
}
],
"network_id "
:
"ae34051f-aa6c-4c75-abf5-50dc9ac99ef3 "
},
"flavor_id "
:
"f7b14d9a-b0dc-4fbe-bb14-a0f4970a69e0 "
,
"ha "
:
false
,
"id "
:
"f8a44de0-fc8e-45df-93c7-f79bf3b01c95 "
,
"name "
:
"router1 "
,
"revision_number "
:
1
,
"routes "
:
[],
"status "
:
"ACTIVE "
,
"project_id "
:
"0bd18306d801447bb457a46252d82d13 "
,
"tenant_id "
:
"0bd18306d801447bb457a46252d82d13 "
,
"service_type_id "
:
null
}
]
}
Add a router to an l3 agent.
Normal response codes: 201
Error response codes: 400, 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| agent_id | path | string | The ID of the agent. |
| router_id | body | string | The ID of the router. |
{
"router_id "
:
"43e66290-79a4-415d-9eb9-7ff7919839e1 "
}
null
There is no body content for the response of a successful POST request.
Removes a router from an l3 agent.
Normal response codes: 204
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| agent_id | path | string | The ID of the agent. |
| router_id | path | string | The ID of the router. |
There is no body content for the response of a successful DELETE request.
Lists l3 agents hosting a specific router.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| router_id | path | string | The ID of the router. |
| Name | In | Type | Description |
|---|---|---|---|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| agents | body | array |
A list of
agent
objects.
|
| agent_type | body | string |
The type of agent such as
Open
vSwitch
agent
or
DHCP
agent
.
|
| alive | body | boolean | Indicates the agent is alive and running. |
| binary | body | string |
The executable command used to start the agent such as
neutron-openvswitch-agent
or
neutron-dhcp-agent
.
|
| configurations | body | object | An object containing configuration specific key/value pairs; the semantics of which are determined by the binary name and type. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | A human-readable description for the resource. |
| heartbeat_timestamp | body | string | Time at which the last heartbeat was received. |
| host | body | string | The hostname of the system the agent is running on. |
| id | body | string | The ID of the resource. |
| started_at | body | string | Time at which the agent was started. |
| topic | body | string |
The name of AMQP topic the agent is listening on such as
dhcp_agent
. A special value of
N/A
is used when the
agent doesn’t use an AMQP topic.
|
{
"agents "
:
[
{
"binary "
:
"neutron-l3-agent "
,
"description "
:
null
,
"availability_zone "
:
"nova "
,
"heartbeat_timestamp "
:
"2018-04-08 07:32:42 "
,
"admin_state_up "
:
true
,
"alive "
:
true
,
"topic "
:
"l3_agent "
,
"host "
:
"mkm-instance01 "
,
"ha_state "
:
null
,
"agent_type "
:
"L3 agent "
,
"resource_versions "
:
{},
"created_at "
:
"2018-03-11 08:10:58 "
,
"started_at "
:
"2018-03-11 08:10:58 "
,
"id "
:
"b64f5c61-2210-41a6-869f-b51d7914511e "
,
"configurations "
:
{
"agent_mode "
:
"legacy "
,
"gateway_external_network_id "
:
""
,
"handle_internal_only_routers "
:
true
,
"routers "
:
3
,
"interfaces "
:
1
,
"floating_ips "
:
0
,
"interface_driver "
:
"openvswitch "
,
"log_agent_heartbeats "
:
false
,
"external_network_bridge "
:
""
,
"ex_gw_ports "
:
1
}
}
]
}
The DHCP agent scheduler extension (
dhcp_agent_scheduler
)
enables administrators to assign DHCP servers for Neutron networks to given
Neutron DHCP agents, and retrieve mappings between Neutron networks
and DHCP agents.
Lists networks that a DHCP agent hosts.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| agent_id | path | string | The ID of the agent. |
| Name | In | Type | Description |
|---|---|---|---|
| network | body | object |
A
network
object.
|
| admin_state_up | body | boolean |
The administrative state of the network, which is
up (
true
) or down (
false
).
|
| availability_zone_hints | body | array | The availability zone candidate for the network. |
| availability_zones | body | array | The availability zone for the network. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| dns_domain | body | string | A valid DNS domain. |
| id | body | string | The ID of the network. |
| ipv4_address_scope | body | string | The ID of the IPv4 address scope that the network is associated with. |
| ipv6_address_scope | body | string | The ID of the IPv6 address scope that the network is associated with. |
| l2_adjacency | body | boolean |
Indicates whether L2 connectivity is available throughout
the
network
.
|
| mtu | body | integer | The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6. |
| name | body | string | Human-readable name of the network. |
| port_security_enabled | body | boolean |
The port security status of the network. Valid values are
enabled (
true
) and disabled (
false
).
This value is used as the default value of
port_security_enabled
field of a newly created port.
|
| project_id | body | string | The ID of the project. |
| provider:network_type | body | string |
The type of physical network that this network is mapped to.
For example,
flat
,
vlan
,
vxlan
, or
gre
.
Valid values depend on a networking back-end.
|
| provider:physical_network | body | string | The physical network where this network/segment is implemented. |
| provider:segmentation_id | body | integer |
The ID of the isolated segment on the physical network.
The
network_type
attribute defines the segmentation model.
For example, if the
network_type
value is vlan, this ID is a vlan
identifier. If the
network_type
value is gre, this ID is a gre key.
|
| qos_policy_id | body | string | The ID of the QoS policy. |
| revision_number | body | integer | The revision number of the resource. |
| router:external | body | boolean |
Indicates whether the network has an external routing facility that’s not
managed by the networking service. If the network is updated from external
to internal the unused floating IPs of this network are automatically
deleted when extension
floatingip-autodelete-internal
is present.
|
| segments | body | array |
A list of provider
segment
objects.
|
| shared | body | boolean | Indicates whether this network is shared across all tenants. By default, only administrative users can change this value. |
| status | body | string |
The network status. Values are
ACTIVE
,
DOWN
,
BUILD
or
ERROR
.
|
| subnets | body | array | The associated subnets. |
| tenant_id | body | string | The ID of the project. |
| updated_at | body | string | Time at which the resource has been updated (in UTC ISO8601 format). |
| vlan_transparent | body | boolean |
Indicates the VLAN transparency mode of the network, which is
VLAN transparent (
true
) or not VLAN transparent (
false
).
|
| description | body | string | A human-readable description for the resource. |
| is_default | body | boolean | The network is default pool or not. |
{
"networks "
:
[
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2016-03-08T20:19:41 "
,
"dns_domain "
:
"my-domain.org."
,
"id "
:
"d32019d3-bc6e-4319-9c1d-6722fc136a22 "
,
"ipv4_address_scope "
:
null
,
"ipv6_address_scope "
:
null
,
"l2_adjacency "
:
false
,
"mtu "
:
1500
,
"name "
:
"net1 "
,
"port_security_enabled "
:
true
,
"project_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"qos_policy_id "
:
"6a8454ade84346f59e8d40665f878b2e "
,
"revision_number "
:
1
,
"router:external "
:
false
,
"shared "
:
false
,
"status "
:
"ACTIVE "
,
"subnets "
:
[
"54d6f61d-db07-451c-9ab3-b9609b6b6f0b "
],
"tenant_id "
:
"4fd44f30292945e481c7b8a0c8908869 "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"vlan_transparent "
:
true
,
"description "
:
""
,
"is_default "
:
false
},
{
"admin_state_up "
:
true
,
"availability_zone_hints "
:
[],
"availability_zones "
:
[
"nova "
],
"created_at "
:
"2016-03-08T20:19:41 "
,
"dns_domain "
:
"my-domain.org."
,
"id "
:
"db193ab3-96e3-4cb3-8fc5-05f4296d0324 "
,
"ipv4_address_scope "
:
null
,
"ipv6_address_scope "
:
null
,
"l2_adjacency "
:
false
,
"mtu "
:
1500
,
"name "
:
"net2 "
,
"port_security_enabled "
:
true
,
"project_id "
:
"26a7980765d0414dbc1fc1f88cdb7e6e "
,
"qos_policy_id "
:
"bfdb6c39f71e4d44b1dfbda245c50819 "
,
"revision_number "
:
3
,
"router:external "
:
false
,
"shared "
:
false
,
"status "
:
"ACTIVE "
,
"subnets "
:
[
"08eae331-0402-425a-923c-34f7cfe39c1b "
],
"tenant_id "
:
"26a7980765d0414dbc1fc1f88cdb7e6e "
,
"updated_at "
:
"2016-03-08T20:19:41 "
,
"vlan_transparent "
:
false
,
"description "
:
""
,
"is_default "
:
false
}
]
}
Add a network to a DHCP agent
Normal response codes: 201
Error response codes: 400, 403, 409, 404
| Name | In | Type | Description |
|---|---|---|---|
| agent_id | path | string | The ID of the agent. |
| network_id | body | string | The ID of the network. |
{
"network_id "
:
"1ae075ca-708b-4e66-b4a7-b7698632f05f "
}
null
There is no body content for the response of a successful POST request.
Removes a network from a dhcp agent.
Normal response codes: 204
Error response codes: 401, 403, 404, 409
| Name | In | Type | Description |
|---|---|---|---|
| agent_id | path | string | The ID of the agent. |
| network_id | body | string | The ID of the attached network. |
There is no body content for the response of a successful DELETE request.
Lists DHCP agents hosting a network.
Normal response codes: 200
Error response codes: 401, 403
| Name | In | Type | Description |
|---|---|---|---|
| network_id | body | string | The ID of the attached network. |
| Name | In | Type | Description |
|---|---|---|---|
| admin_state_up | body | boolean |
The administrative state of the resource, which is
up (
true
) or down (
false
).
|
| agents | body | array |
A list of
agent
objects.
|
| agent_type | body | string |
The type of agent such as
Open
vSwitch
agent
or
DHCP
agent
.
|
| alive | body | boolean | Indicates the agent is alive and running. |
| binary | body | string |
The executable command used to start the agent such as
neutron-openvswitch-agent
or
neutron-dhcp-agent
.
|
| configurations | body | object | An object containing configuration specific key/value pairs; the semantics of which are determined by the binary name and type. |
| created_at | body | string | Time at which the resource has been created (in UTC ISO8601 format). |
| description | body | string | A human-readable description for the resource. |
| heartbeat_timestamp | body | string | Time at which the last heartbeat was received. |
| host | body | string | The hostname of the system the agent is running on. |
| id | body | string | The ID of the resource. |
| started_at | body | string | Time at which the agent was started. |
| topic | body | string |
The name of AMQP topic the agent is listening on such as
dhcp_agent
. A special value of
N/A
is used when the
agent doesn’t use an AMQP topic.
|
{
"agents "
:
[
{
"binary "
:
"neutron-dhcp-agent "
,
"description "
:
null
,
"availability_zone "
:
"nova "
,
"heartbeat_timestamp "
:
"2018-04-08 07:32:42 "
,
"admin_state_up "
:
true
,
"alive "
:
true
,
"topic "
:
"dhcp_agent "
,
"host "
:
"mkm-instance01 "
,
"ha_state "
:
null
,
"agent_type "
:
"DHCP agent "
,
"resource_versions "
:
{},
"created_at "
:
"2018-03-11 08:10:58 "
,
"started_at "
:
"2018-03-11 08:10:58 "
,
"id "
:
"b64f5c61-2210-41a6-869f-b51d7914511e "
,
"configurations "
:
{
"subnets "
:
1
,
"dhcp_lease_duration "
:
86400
,
"dhcp_driver "
:
"neutron.agent.linux.dhcp.Dnsmasq "
,
"ports "
:
2
,
"log_agent_heartbeats "
:
false
,
"networks "
:
1
}
}
]
}
Show details and delete the auto allocated topology for a given project.
This API is only available when the
auto-allocated-topology
extension
is enabled.
Shows details for an auto allocated topology.
Use the
fields
query parameter to control which fields are
returned in the response body. For information, see Filtering and
Column Selection
.
Normal response codes: 200
Error response codes: 401, 404
| Name | In | Type | Description |
|---|---|---|---|
| project_id | path | string | The ID of the project. |
| fields (Optional) | query | string |
The fields that you want the server to return.
If no
fields
query parameter is specified,
the networking API returns all attributes allowed by the policy settings.
By using
fields
parameter, the API returns only the requested set of
attributes.
fields
parameter can be specified multiple times.
For example, if you specify
fields=id &fields=name
in the request URL,
only
id
and
name
attributes will be returned.
|
| Name | In | Type | Description |
|---|---|---|---|
| id | body | string | The ID of the network for the auto allocated topology. |
| tenant_id | body | string | The ID of the project owning the auto allocated topology. |
{
"id "
:
"31483d41-5c2b-481c-beef-ab501bd2e0da "
,
"tenant_id "
:
"7623217f-dd15-44ec-994a-581a6e41c113 "
}
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License . See all OpenStack Legal Documents .